Data protection has become an important issue, as IT overwhelmed businesses.
The EU has issued the General Data Protection Regulation (GDPR). Such principles include collection, organisation, structuring, storage, alteration, consultation, use, communication, combination, restriction, erasure or destruction of personal data.
They cover lawfulness, fairness, transparency, purpose, data minimisation, accuracy, storage, integrity, confidentiality and accountability.
We say, they constitute guiding principles for regulation and compliance processing, to all. The data controllers are responsible for complying and are also accountable and must demonstrate compliance.
The personal data shall be processed lawfully, fairly and in a transparent manner in relation to individuals, to be collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes.
Further processing for archiving purposes in the public interest, scientific or historical research or statistical purposes shall not be considered to be incompatible with the initial purposes. To be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
Be accurate, up to date and reasonable steps must be taken to ensure that inaccurate personal data erased or rectified without delay. They should be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
Personal data may be stored for longer periods as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the regulation in order to safeguard the rights and freedoms of individuals.
They should be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical measures.
The GDPR covers the issue in detail with the prime aim of protecting the personal data, which is part and parcel of the personal rights of each individual.
What is important, there are very stiff penalties for violators of the GDPR.
Giving the regulation sharp teeth is a very good step for appropriate compliance all through by all.
The EU took the lead. However, other countries including Bahrain followed suit and issued national laws for data protection. This law in Bahrain reflects international standards to gives necessary protection. A step we fully support.