Second Training on 'New Data Protection Requirements – Legal and Organizational Aspects of GDPR Implementation'

Alexandra Tsvetkova, Director of LIBRe Foundation and an expert on legal aspects of information technology and personal data protection, led a training, organized by Regional Center of the Scientific and Technical Specialists - Rousse on 14 June 2018, on the new aspects of personal data protection focusing on the basic principles of lawful processing, the duties of an organization as a data controller or a data processor including with respect to their employees’ duties, the Regulation 2016/679 compliance framework and the implementation of the necessary technological and organizational measures to achieve this compliance.

The purpose of the seminar was to provide the attendees with an understanding of the categories of personal data processed by their organizations, and how information flows and links in the exchange of information within the organization and between the organization and third parties affect the rights of their users, customers and partners; to clarify what organizational, legal and technical measures the organization has to undertake to protect the personal data being processed by the organization and how this affects the work of the employees and the communication with third parties; as well as providing detailed information on the ways of achieving compliance with the requirements of the General Data Protection Regulation.

A special session was dedicated to data processing at work, including from monitoring ICT usage at the workplace, involving vehicles used by employees, using video monitoring or access control systems, as well as the specifics of data processing based on periodic update of the health status of the employees.

Applied Research