General Data Protection Regulation

On 25 May 2018, the EU’s new regulation on the protection of personal data will enter into force. This means that Danish companies, which collect, store, process or transfer personal data on their customers or employees will be legally obliged from that date to comply with the new rules. A lot of content from the current Data Protection Act from 1995 will remain in the new regulation, but there will also be a number of new requirements, which entail IT support. In addition, the level of administrative fines for non-compliance will be significantly increased and regulatory oversight will be strengthened.

The new requirements that involve IT support:

  • Explicit consent from the data subject regarding the specific processing of his or her personal data. The data subject must also be informed that the consent can be withdrawn.
  • The right of rectification. The data subject has the right to object to any given processing of his or her personal data, and the processing must be terminated, if the objection is justified. It almost always is.
  • Data portability. The data subject has the right to receive his or her personal data in a commonly used and machine-readable format in order to be able to transfer the data to third parties.
  • The right to opt out from automatic profiling. The automatic processing of personal data has been routinely used by companies for things like credit ratings, e-marketing or e-recruiting. The data subject has to give consent to the use of his or her personal data for this kind of activity, and the data subject must have the choice to opt out from such automatic processing.
  • “Data protection by default”. It involves data protection being enabled as the default option in the IT solution.
  • “Data protection by design”. Data protection principles such as pseudomization and data minimization are designed – or embedded – into the IT solution.

 

FairPeople offers mapping, implementation and monitoring of compliance

Companies process personal data differently, and the IT solutions that must be implemented in order to ensure compliance with the new GPDR requirements, are only possible through a close dialogue with the company in question. FairPeople have developed an AI based BOT for analysis of both aggregated and deconstructed personal data, and we have a unique operational and data driven approach to compliance. FairPeople have just implemented a compliance program with Alm. Brand, which ensures that all the company data is stored in accordance with the new personal data regulation (GDPR).

A few words about the expected enforcement in Denmark

There are almost 50 passages in the new EU regulation, where national regulatory authorities in the 28 EU countries have to interpret and complement the text with practical instructions about the enforcement of the GDPR at the national level. This work has only just begun in Denmark, and the supervisory authority – Datatilsynet – is expected to publish some guidelines in the spring of 2017. However, it is stipulated in the regulation itself that companies can be fined with up to 20 million euro or as much as 4 percent of company revenues, if this amount is higher.
 


Get the expert you need now: BI Consultants, BI Analysts, BI Frontend Developers, BI Backend Developers, BI Architects and BI Project Managers

Loading...

LOCATION

Our head office is in Copenhagen and our prime nearshore office is in Prague. We futhermore have development centers in Poland but you can find our BI consultants all over Europe

LOOKING FOR AN EXPERT

Denmark: +45 4014 1188
Sweden: +46 852 504 631
Norway: +45 4014 1188
Netherlands: +45 4014 1188
UK: +44 203 7691 070