Juridical Tribune (Jun 2018)
The General Data Protection Regulation: what does the public authorities and bodies need to know and to do? The rise of the data protection officer
Abstract
On 25 May 2018, the General Data Protection Regulation will come into force in all the Member States of the European Union, replacing the Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data and, additionally, in Romania, the Law no. 677 dated 21 November 2001 on the protection of individuals with regard to the processing of personal data and the free movement of such data. This paper intends to analyse the regulation’s provisions regarding the public authorities and bodies of a Member State, in order to discover how Romanian authorities should envisage to organise the processing of personal data. We shall reveal the steps that have to be taken by the respective entities of the State. Among the most important steps, we consider it essential to designate a data protection officer. Having in view that the European regulation expressly provides that those entities must designate a data protection officer, in this paper we shall emphasize what are the tasks, the role, the responsibilities, the qualities of the data protection officer.