The National CyberSecurity Conference / Mihaela Cracea, PACHIU & ASSOCIATES:
Until 2018 companies will need to conduct a data protection audit”
Until 2018, companies will need to conduct a data protection audit, according to European Directive No. 679/2016 which is to be enacted in Romania as well, said Mihaela Cracea, Managing Associate at Pachiu & Associates.
Mihaela Cracea: “The supplementation of a security audit with a personal data protection audit has not been enough debated so as to raise the awareness of all organizations and be accordingly...
The National CyberSecurity Conference / Mihaela Cracea, PACHIU & ASSOCIATES:
Until 2018 companies will need to conduct a data protection audit”
Until 2018, companies will need to conduct a data protection audit, according to European Directive No. 679/2016 which is to be enacted in Romania as well, said Mihaela Cracea, Managing Associate at Pachiu & Associates.
Mihaela Cracea: “The supplementation of a security audit with a personal data protection audit has not been enough debated so as to raise the awareness of all organizations and be accordingly implemented. This year a European personal data protection regulation was enacted (Regulation No. 679/2016, our note) which basically repeals the former directive and reunites, in order to create a uniform system, the national legislation in the EU. This regulation brings many novelties and improves the current legal framework, providing companies with a two-years grace period so as to become compliant with the requirements thereto. Therefore, a question will arise at company level, – is it mandatory to become «compliant»? It will eventually prove to be only a matter of costs”.
Mihaela also added that the audit should provide whether the company processes personal data, who the recipient of such data processing is and then companies shall decide if they want to know their ”compliance status” – (which will involve a lot of resources such as time and money).
(news article taken from Bursa, 15.06.2016)
Leave a reply