Amendment of the Data Protection Act

Amendment of the Data Protection Act

Who is obliged to comply?

It is obliged to comply with the requirements set out by the Act every individual or company or a administrative agency, that decide on the function, content and use of the processing of the personal data.

In short, any company processing personal data in any of its forms (paper, electronic or a mix-form) must comply with the amendment.

Basic obligations

In order to be correctly and properly adapted to the requirements of the Law, a company must meet the following:

  • To update their security document that describes how its data system is organized.
  • To apply the policies described in the security report, including the obligation to inform users that their data will be processed and how it will be processed, to ensure the quality of the data and to answer any complaints that users may have regarding such data.

The action guidelines of Grupo MPE are as follows

  • Phase 1: Diagnosis and preparation of a report prior to adaptation, so as to know the current situation of the company, in relation to the new European regulation GDPR.
  • Phase 2: Organizational status study, Manual Elaboration and Registration.
  • Phase 3: Implementation.
*When adapting the companies to the Information Society Services and Electronic Commerce Act (in Spanish “LSSI/LSSI-CE”), the method consists of the same phases.