Organizarea sesiunilor de instruire a salariaţilor pentru conformarea la normele GDPR – Training „by design” şi „by default” din perspectiva unui DPO
Organization of employee training sessions for compliance with GDPR rules - Training "by design" and "by default" from the perspective of a DPO
Author(s): Andrei CononovSubject(s): Law, Constitution, Jurisprudence, Civil Law
Published by: Universul Juridic
Keywords: processing security; privacy; Training by Design; Training by Default;
Summary/Abstract: As an employee, we are playing a double role – as a data subject and, at the same time, as processors of personal data under the authority of our employer in its capacity of controller under GDPR. This ambivalence is likely to attract an increased concern regarding the security of personal data processing as well as ensuring the confidentiality of both personal data and the information and documents processed by us. Chapter IV of the European Regulation 679/2016 begins with the explicit articles relating to Controller’s Responsibilities (art. 24). Article 25 presents the concept of „Ensuring data protection starting from the moment of conception and by default”. The specific personal data privacy law frame and literature defines this concept as Privacy by Design, Privacy by Default (Guidelines 4/2019 on Article 25 Data Protection by Design and by Default)1, thus, extended to staff training, the concept of Training by Design and Training by Default becoming perfectly implementable.
Journal: Revista română pentru protecţia şi securitatea datelor cu caracter personal
- Issue Year: 2023
- Issue No: 01
- Page Range: 51-59
- Page Count: 9
- Language: Romanian
- Content File-PDF
