How to adapt the LOPD to the new European Data Protection Regulation?

Does your company comply with the Organic Data Protection Act (LOPD)? If your company uses any personal data for the development of its activity, it must adapt to the new European Data Protection Regulation before May 25, 2018.

What is the LOPD?

Organic Law 15/1999 of December 13 on the Protection of Personal Data, (LOPD), is a Spanish organic law that aims to guarantee and protect, with regard to the processing of personal data, the public liberties and fundamental rights of individuals, and especially their honor, privacy and personal and family privacy.

Organic Law that aims to guarantee and protect, with regard to the processing of personal data, public liberties and fundamental rights of individuals, and especially their honor, privacy and personal and family privacy.

What is considered personal data?

Personal data refers to any information that can be linked to an individual. Here are some examples of personal data:

In general, personal data can be divided into two categories:

Standard Personal Data:

Standard personal data refers to name, address, date of birth, position, contact information, etc. This data can be processed and stored by a company through an agreement.

Sensitive Personal Data:

Sensitive personal data refers to health conditions, information about union membership, ethnic origin, political conviction, etc. In general, sensitive data should not be processed although there are some exceptions, such as: express consent for the processing of such personal data for one or more specific purposes, marketing agreements, etc.

Who is required to comply with the New European Data Protection Regulation?

On December 15, 2015, after four years of negotiations, the European Parliament, the European Council and the EU Commission agreed on the text of the General Data Protection Regulation, which will enter into force on May 25, 2018 in the EU.

The EU's General Data Protection Regulation is a new legal framework for how EU countries should treat personal data. To meet data protection requirements, your company will have to make a series of changes compared to current legislation.

The general EU regulation on data protection will replace the current directive, which is no longer considered to be in line with the evolution of information technology and society.

El objective of the Regulation is, first of all, to face the challenges created by technological advances and globalization, but also to ensure that the legislation in all EU member states is completely identical.

Las rules of treatment of the regulations are based on the following principles: legality, fairness and transparency.

However, although the principles for the use of data remain the same, both in the current Data Protection Act and in the next Regulation, there are still a wide range of new features that will lead to significant changes in data protection legislation, and that will affect all companies and public authorities to a certain extent.

The new legislation will take effect on May 25, 2018, but due to the scope of the changes and the consequences of non-compliance, it is recommended that preparations for the Regulation begin as soon as possible.

Personal data legislation is a multifunctional responsibility in the company that affects the legal, IT, sales, human resources and marketing departments, as well as management.

How to comply with the LOPD?

Do you know if you are required to comply with the LOPD? If so, do you know if your company processes personal data correctly? What are the implications of the new regulations for companies? Surely you have a lot of questions that right now you wouldn't know how to answer or where to start, it's normal, it's not a simple topic, that's why Novicell offers you several options so you can learn more about this topic in detail.

We have prepared a document in which we detail the most relevant information about the new General Data Protection Regulations of the European Union, what are the most important changes, how you can carry out a methodological analysis of the company's personal data, how to carry out a strategic implementation and 10 recommendations for execution.

We recommend that you start prepare for the application of the Regulation as soon as possible. The advantage of starting to implement the changes is that it will allow us to detect difficulties, deficiencies or errors at a stage where these measures are not mandatory and, consequently, their correctness or effectiveness would not be subject to oversight. This would make it possible to correct errors by the time the Regulation applies.

On November 23, we held a seminar on the New Data Protection Regulations, their implications and developments from a legal and technological point of view in our offices in Barcelona with the collaboration of AGM Abogados law firm. The presentation was given by Ana García (Commercial Law Attorney) and Asger Laursen (Technology Architect). If you want to consult our upcoming seminars you will find all the information on the page of Novicell seminars. If you want us to let you know, subscribe to our newsletter and we'll keep you informed.

How can we help you?

If you need more information, do not hesitate to contact us.