Conferences regarding the application of the General Data Protection Regulation (May 2019)
On the 21st of May 2019, the representatives of the National Supervisory Authority for Personal Data Processing participated at the event “GDPR Talks 2019 – One year of GDRP”, organised by Concord Communication.
During the first panel of the event, there were discussions about the status of the application of Regulation (EU) 679/2016 in Romania in 2019, including the application at the level of public institutions.
On this occasion, the representatives of the National Supervisory Authority presented a balance sheet of their own activity after a year of application of the new data protection rules.
The participants were also provided with statistical data on the work of the Authority, i.e. the number of registered data protection officers, the data security breaches notified to the authority, the investigations carried out and the sanctions applied.
The second panel of the event was dedicated to discussions on the application of the provisions of Law no. 190/2018 on implementing measures of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing of Directive 95/46/EC (General Data Protection Regulation).
With this occasion, the issues concerning the application of GDPR in the context of labour relations, as well as aspects related to the appointment of a data protection officer, to data security and to the notification of data security breaches were assessed.
On the 23rd of May 2019, the representatives of the National Supervisory Authority for Personal Data Processing attended the Conference with the theme “Data Protection; Solutions and responsibilities – one year after the entry into force of the GDPR”, organised by the Bucharest Chamber of Commerce and Industry and Universul Juridic Publishing House.
The event carried out an analysis of the level of compliance one year after the entry into force of the General Data Protection Regulation and came to the support of companies and public authorities by clarifying a number of aspects of the Regulation such as: the main targeted controller; dilemmas in the interpretation of the Regulation; evaluation of contracts, policies, procedures and notifications related to the processing of personal data in order to establish the compliance with the provisions of the Regulation; the role and effectiveness of a data protection officer; steps to be taken and recommendations, effective solutions to comply with the Regulation.
On this occasion, the representatives of the National Supervisory Authority brought to the attention of the participants, within the specific panel, important aspects regarding the Procedure of carrying out investigations by the Authority, namely: the legal framework; type of investigations; the arrangements for conducting investigations; the staff’s duties during the investigation; the main obligations of the controlled controller; sanctions and corrective measures; appeals against the report of the investigation and decisions issued by the Authority, as well as statistics related to the control activity from the 25th of May 2018 to the 15th of May 2019.
The events, also reflected in the media, were marked by interactive discussions, which demonstrated the participants’ interest in complying with the new rules of personal data processing.
Legal and Communication Department
ANSPDCP