Data Storage

Storage And Use Of Employee Personal Data

ductb stationary data of worker grad/b constituent - value protected

Federal Act No. 152-FZ of 27 July 2006 on personal data is the main instrument governing the processing and use of personal data. It entered into force six years ago, in 2011, and has undergone some changes and has been updated on several occasions. As of 1 July 2017, a new change is entering into force: the administrative responsibility of the employer (personal data operator). The Act of 7 February 2017 No. 13-FZ broadened the grounds for employers to be held accountable for the protection of personal data, and fines also increased. For example, officials may fine between 3,000 and 20,000 roubles, CPs between 5,000 and 20,000 roubles, and organizations between 15,000 and 75,000 roubles.

Financial recovery may be obtained if:

  • The processing of personal data was carried out in cases not provided for in Russian law; the fine would also be imposed if the entity whose data were processed did not give its written consent;
  • The operator has not published or provided the possibility of unrestricted access to the personal data processing policy or protection information;
  • No information was provided to the data-processing entity;
  • The operator refused to provide, at the request of the subject, personal data or its representative, information on the clarification, freezing, destruction of data. In the case of incomplete, obsolete, inaccurate, illegally obtained or not necessary for the stated processing purpose;
  • The operator did not ensure that personal data were properly stored when processing personal data without using automation equipment. storage of their material bearersif this has led to improper or accidental access to personal data. This, in turn, has caused their destruction, proliferation, blocking, altering, copying, supplying or any other act that is unlawful;
  • Failure by public or municipal officials to perform personal data obligations for the default of personal data or for breach of the requirements of the process.

Related posts:

  1. Storage Of Personal Data
  2. Storage And Destruction Of Personal Data
  3. Storage And Use Of Personal Data