• Nem Talált Eredményt

The Application of GDPR by Corporations – Experiences and Challenges6

N/A
N/A
Info
Letöltés
Protected

Academic year: 2022

Ossza meg "The Application of GDPR by Corporations – Experiences and Challenges6"

Copied!
2
0
0

Betöltés.... (Teljes szöveg megtekintése most)

Letöltés most ( 2 Pldal )

Teljes szövegt

(1)

65

Dr. Norbert Csizmadia

5

The Application of GDPR by Corporations – Experiences and Challenges

6

Establishing GDPR-compliant practices required significant efforts from companies which are controllers or processors of personal data.

These efforts included, inter alia, adoption of new processes, tools, adjusting IT-systems, organizing interdisciplinary work and coopera- tion, training employees and raising awareness amongst their clients.

Large enterprises were in a better position to tackle these challenges, as they could allocate the necessary resources to their compliance pro- jects. The participants agreed that the preparations required significant investments, and even with having the necessary resources at hand, the two-year long transition period proved to be too short (e.g. soft- ware vendors realized their solutions are not able to provide a delete function, development took a significant amount of time). Companies chose different approaches to reach their aims – in certain cases the process is managed by their corporate headquarters, in other cases the local subsidiaries are trusted to run their own compliance program.

However, GDPR is not only applicable to multi-national enter- prises. Small companies or self-employed entrepreneurs face similar challenges, but they are not able to employ legal or data protection professionals. The participants of the discussion – with the active par- ticipation of the members of the audience – tried to find the answer

5 Corporate Counsel, National Instruments

6 Summary of the Roundtable Discussion with the Members of the AmCham (Ameri- can-Hungarian Chamber of Commerce) Regulatory Committee representing major corporations on the Hungarian market.

(2)

66

whether following a reasonable approach, proportionate with the size, nature and risk profile of the given data processing would help to miti- gate the risks associated with a potential non-compliance – it is at least questionable whether the state authorities will find the “reasonable”

approach satisfactory.

The panelists highlighted that the data protection authority could take on a greater involvement in providing individuals with more detailed guidance to foster the effective exercise of their rights granted by the GDPR, and in providing more detailed guidance to small and medium-sized enterprises, to assist their compliance efforts. National legislation should also speed up the process of adjusting sectorial laws with the GDPR, filling the legislative gaps and eliminating parallel reg- ulations.

Is the so-called “GDPR-panic” over? Definitely not. Understanding the GDPR requires a mindset change. Data controllers and data sub- jects need to understand concepts like pseudonymization of data or privacy by design; common people need to learn what consent or legit- imate interest is, and how they can exercise their rights granted by the Regulation.

Two questions remain unanswered, though.

1. Are national data protection authorities now ready to oversee com- mercial companies’ compliance with the legislation, protecting the individuals’ rights?

2. Will these authorities provide the same level of protection for the individuals vis-á-vis state offices?

Hivatkozások

Letöltés most ( PDF - 2 Pldal - 47.80 KB )

KAPCSOLÓDÓ DOKUMENTUMOK

WHAT A WORLD IS COMING? GDPR, OF WHICH EVERYONE SHOULD KNOW

As known to many, The General Data Protection Regulation (abbreviation: GDPR) is a regulation of the European Union that protects the personal data of natural

The Sight, the Voice and the Deed: an Introduction to Drama

But this is the chronology of Oedipus’s life, which has only indirectly to do with the actual way in which the plot unfolds; only the most important events within babyhood will

MAGYAR KÖZLÖNY

(3) A reply to the readmission application shall be sent by the competent authority of the requested Contracting Party to the competent authority of the requesting Contracting

Modelling Data Protection in Fog Computing Systems using UMLsec and SysML-Sec

Problem statement: Data protection aspects should be taken into account during system design. For example, the GDPR requires that data processing systems ensure data protection

The Growth and Decline of Research on the History of Adult Education in Contemporary Hungary: Trends and Issues of Historical Research from 1993 to 2013 | Education Sciences

Major research areas of the Faculty include museums as new places for adult learning, development of the profession of adult educators, second chance schooling, guidance

A brief discussion of the socio-political context of multiculturalism in the USA | Education Sciences

Any direct involvement in teacher training comes from teaching a Sociology of Education course (primarily undergraduate, but occasionally graduate students in teacher training take

The State-of-the-Art of Content Analysis | Education Sciences

The decision on which direction to take lies entirely on the researcher, though it may be strongly influenced by the other components of the research project, such as the

Perceptions of the changes in the Finnish art education curriculum | Neveléstudomány

In this article, I discuss the need for curriculum changes in Finnish art education and how the new national cur- riculum for visual art education has tried to respond to