Naslov
Duty of Independence under Data Protection Law

Autori
Šago, Dinka ; Vukušić, Ivan

Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni

Izvornik
25th International Conference on Software, Telecommunications and Computer Networks - Symposium on information security and intellectual property (ISIP) / Boban, Marija ; Ježić, Gordan ; Weber, Mario ; Begušić, Dinko ; Rožić, Nikola - Split : Fakultet elektrotehnike, strojarstva i brodogradnje Sveučilišta u Splitu, 2017, 12-17

ISBN
978-953-290-077-4

Skup
25th International Conference on Software, Telecommunications and Computer Networks - Symposium on information security and intellectual property (ISIP)

Mjesto i datum
Split, Hrvatska, 21.09.2017. - 23.09.2017

Vrsta sudjelovanja
Predavanje

Vrsta recenzije
Međunarodna recenzija

Ključne riječi
Data protection officer ; company lawyer ; General Data Protection Regulation ; criminal offence

Sažetak
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) take direct effect in all 28 Member States and replace and harmonise existing national law requirements relating to the role and responsibilities of a Data Protection Officer (DPO). In this paper we will analyze the position of company lawyers who are data protection officers. The appointment of a DPO can reduce or eliminate an organisation's notification obligations with the local data protection authority. The appointment of a DPO within a large organization will be a challenge for the Board. On the other hand the role of DPO is important because it keeps management informed regarding their obligations under the Regulation, and is the primary contact point for supervisory authorities. He or she must be involved in all areas of data protection within the organisation he/she works with, and must be notified of all data processing and protection issues. We will analyze involvement of the DPO in all issues relating to the protection of personal data. Company lawyers who are data protection officers are obliged by law to exercise their responsibilities with independence and in an autonomous manner. Regulation contains some provisions designed to protect the independence of data protection officers, such as – they should be appointed for a period of at least four years and may not be dismissed unless he/she no longer fulfils the conditions required for the performance of their duties, they should report directly to the head of the company's management. Regulation oblige Member States to protect this independence through appropriate safeguards enshrined in national law. Paper will analyze also criminal aspect of data protection referring on Criminal Code in Croatia. Two most significant criminal offence are Unauthorized disclosure of professional secret in Art. 145. and Unauthorized use of personal Data in Art. 146. Paper will show characteristics that are common for both criminal offence but also main difference between them. Considering aspect of definition of criminal offence, predicted criminal frame of sanctions will also be analyzed in order to see how prescribed sanctions are appropriate to protect legal good of personal life.

Izvorni jezik
Engleski

Znanstvena područja
Pravo

POVEZANOST RADA