As of 25 May 2018, we started to apply Regulation 2016/679 of the European Parliament and of the Council (EU) of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), the so-called GDPR. The new provisions replaced the previously functioning Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, which was implemented into the Polish legal order by the Personal Data Protection Act of 1997.
The introduction of new legal regulations in the field of personal data protection, at the level of the EU regulation, was undoubtedly necessary. The development of the Internet allowed for a remarkable increase in the speed of information flow. At the same time, however, the amount of our personal data processed online, often beyond our control, has also increased significantly. The EU legislator has recognised this problem. The main objective of the GDPR is precisely to prevent the uncontrolled spread of our personal data and to protect them in a targeted manner. Compared to the previous legislation, the GDPR has completely changed its philosophy of data protection, among other things by introducing a number of new legal solutions.
Lawyers of our law firm have been dealing with the issue of personal data protection for years. Thanks to that we can boast a lot of experience in this field. We are particularly distinguished by our knowledge of issues related to the protection of sensitive data, especially medical data, whose protection standards significantly exceed other types of data. 10 years of work with the issue of medical data protection allows us to provide our Clients with support fully adapted to their needs.
Our data protection services include in particular:
• conducting personal data protection audits,
• preparation and implementation of personal data protection documentation (including information clauses, register of personal data processing activities, Data Protection Impact Assessment, DPIA, contracts of entrustment of personal data processing, data security policy, internal registration procedures and reporting of data protection violations),
• training on the principles of personal data processing for employees and associates of the Clients,
• ongoing advice on the security of personal data (including possible IT support),
• the services of the Data Protection Officer (DPO),
• representation in proceedings conducted by the Personal Data Protection Office,
Contact: Maciej Łokaj