Law 15/1999 on Protection of Personal Data (hereinafter LOPD).
The Data Protection Act has its origins in the LORTAD (1992) which focuses on the problem computer, the Data Protection Act and works in regulating the processing of personal data. Who monitors their compliance is Data Protection Agency (which is based on the collection).
It universal compulsory, or not depending on the size or business activity, but the information they handle. My recommendation is to use strictly necessary for the completion of our work. There are exceptions to the requirement, limited to very few activities, such as a retail outlet without computerized management.
Compliance with the Data Protection Act used for law enforcement and to avoid administrative sanctions, and has been exemplary. In alignment with the Data Protection Act is to bring the circuit and the working methods of the company to current regulations, refer to files and documents containing personal data.
There are 3 levels of security:
- High or sensitive data : Health, faith, politics, race, sexual life, etc.
- Medium or of Financial Data: Income, payroll, etc.
- Under: Personal, debt (which refer to the default, not solvency).
are very important nuances, and a list is average, not contain personal data that would be low, but it contains an economic data would be average. If a company, for example, image consulting, have employees with payroll, and the most likely to level up your data is low, to keep and if the payroll has an agency that store the data the agency, as well as she made the sick leave for example, at the time that he should make the company, automatically change level security.
If, for example in the application of a VPO housing subsidy get help or disability, the answer "yes" or "no" in this section would be a low security level, but if you must specify the degree of disability , automatically switches to high.
Each file has a different security level. This affects eg the level of destruction paper (paper) which is measured by the size of the strip leaves the mill.
When a group or team, be responsible for files, data controllers and security officers. This means that matching involves every single employee of the agency to handle any data from any person.
My advice is that, regardless of company size or activity, the adequacy make a professional and reputable company in this field solvency.
The adjustment is based on three pillars:
- legal party (legal)
- Business Organization
- Computer party (usually the computer in addition to its long section of the organization serves as a working knowledge of each department)
The firm carrying out the suitability has to have knowledge or resources in the three fields.
A good fit has several phases:
- Recommendations Document (optional, and its preparation is a guarantee for the customer) that details the work plan and the actions and steps follow.
- Document Security (required Royal Decree 994/1999), specifically mentioning the definition of security measures.
- Implementation of the regulatory procedures set out in document security and entered in the Data Protection Agency, all files containing personal data.
- Training (compulsory) in accordance with established procedures. At this point, you can ask for the subsidy. Informacón blog entry on Tuesday May 6, 2008
Continuous Education. Real Decreto1046/2003, August 1
- Writing and delivery engagement model privilege to be signed by all employees of the company or entity.
- Drafting and validation contracts with third parties, including any contract of sale data processing.
is possible in some cases, necessary software, often customized to the continued compliance with the Data Protection Act and related training to employees in its implementation.
In this field, the only company I can recommend with guarantees and serving the national level is http://www.clepsis.es are professionals who have worked in this field for over 10 years before experts in the field of computer science and specialized in audit adjustments and even in the most complex, health and finance. Care for you and make you free estimate.
For any clarification in this field, I remain at your disposal.
