Personal data protection
Act no. 122/2013 of the Codex as amended
Act no. 122/2013 about the personal data protection
and its application
An amendment to the Act about personal data protection is in force from the year 2013. This amendment assigned to the companies an obligation to to protect all personal data they work with throughout the business activities performed. Personal data are tied to the individuals only, so the data of corporate entities or self-employed are not concerned. Among the most common personal data belong name, surname, address, date of birth, identification number, or combination of these data. Some conditions of the Act were changed by full wording of the Act under no. 84/2014 in May 2014. In addition to this, the Office for personal data protection issues various guidelines that have explanatory nature of some of the act requirements. Mainly it includes requirements related to usage of video surveillance systems, e-shops, cloud services, biometric data and alike.
We supported many companies with implementation of the Act about personal data protection. I doesn't matter what is the company's core business, usually each company has at least employees, whose personal data have to be protected. This protection is documented in a security directive or in a security project, depending on if you process the data on a computer that is or is not connected to the internet. Each company has different "kinds" of the personal data, that have to be protected. Due to this, the initial analysis of so called (based on the law definition) "information systems" is the key for creating security documentation that is tailored to the needs.