On January 28, the 15th edition of Data Protection Day is celebrated. This day aims to make civil society aware of the rights related to the protection of personal data and privacy.
Data Protection Day marks the day of signing Convention 108 – the first international legal instrument on the protection of personal data – celebrated on January 28, 1981.
The importance of data privacy
We are all aware that data is becoming extremely important for the economy and for our daily lives, existing more and more in abundance and with potential uses that many of us probably do not even imagine. Although this reality offers incredible opportunities, it is necessary to provide robust rules to deal with potential risks for individuals, for companies and for democracies in general.
At Contisystems, the reality and concern of dealing with personal data has been going on for many years and this has always been reflected in technical and organizational security measures that are being created and adapted to the risk of each situation.
The appearance of the GDPR
In 1998, Law 67/98 – Law on the protection of personal data – was published, which already referred to obligations similar to the GDPR.
Although the GDPR came into force in May 2016, its legal application only started two years later, in May 2018, allowing companies time to prepare. And it was only in 2019 that the first law on the protection of personal data (Law 67/98) was repealed, through Law 58/2019, of 09/08/2019, which transposes the GDPR into national law.
The big change in terms of data protection imposed by the GDPR was the fines values regime, that may now represent very large amounts. This was the main boost that led companies to start looking at data protection as a financial risk that they should insure and control.
Also, the appearance of the position “DPO – Data Protection Officer” changed the paradigm of organizations, imposing the existence of a position with direct reporting to the highest level of the organization of all issues related to the protection of personal data.
In June 2019, Contisystems took another step in its path of information security management with ISO 27001 certification, which reflects the recognition of the work done so far in protecting our customers’ data.
Ensure data protection and prevention actions
Twenty months after the entry into force of the General Data Protection Regulation, we see that this regulation has acted as a catalyst to put data protection at the center of the debate in the most varied sectors.
With this path and already some years of practice in data management, we invest in technical and organizational measures that we consider most critical to ensure its protection and prevent its violation. We can’t resist sharing some examples:
- Raising awareness and training staff in information security and data protection;
- Technical solutions for Data Loss Protection, multi-factor authentication, monitoring platforms, incident management applications, among others;
- Data protection by design and by default, undergoing prior impact assessments that make it possible to apply protection principles effectively and include the necessary guarantees in the treatment. Thus, we simultaneously protect our legal compliance and the rights of data subjects.
We have always worked diligently to protect our data and the one our customers trust us with. Data Protection Day is always marked here to keep in mind the importance of this theme in everyone’s daily life.