Lost your Password?
Click Here
Don't have an account?
Register Here
Welcome to the EuroPris Knowledge Management System. The table below shows questions and responses from European National Agencies. Select a question for more information or use the filters on the left to narrow down questions based on Agency or Category.
Want to ask a question? Please read our guidance information found here: Submitting a KMS Question
← Back Search KMSThis content is only available to registered members of EuroPris.
Introduction: As from May 2018 the Personal Data Protection Act will be replaced by the General Data Protection Regulation (AVG: EU 2016/679). This regulation is considered as imperative law for the European member states. The personal data processed by government agencies, which are processed as part of police and judicial activities, fall under a more specific legal act of the Directive EU2016/680. The resultant Dutch implementation Act is “in the making”. This implementation Act is considered as a lex specialis to the general regulation. The rights of parties involved will be reinforced through the above-mentioned legislation. When a party involved suffers damage as a result of a processing which violates the provisions established by virtue of the Directive EU 2016/680, it must be compensated by the party responsible for the processing or by an authority authorised according to Member State law. The formulation in the Directive EU 2016/680 is that the term „damage” must be interpreted broadly in view of the administration of justice of the Court of Justice, in a way that fully justifies the objectives of the above-mentioned directive. Certain processings of personal data of parties will not fall under the scope of the Directive 2016/680; they fall under the scope of the AVG. When the rights of the parties involved are violated, a fine of at most 20 million euros may be imposed by the regulator (Dutch Data Protection Authority (Dutch DPA). The DPA will have to account for its supervision(incl. sanctioning policy) on a European level as from May 2018. Within the Netherlands the Medical Treatment Contracts Act applies (WGBO: Dutch Civil Code 7:446 up to and incl. 7:468) as lex specialis with regard to the privacy legislation.
SPS is unable to provide a meaningful response to the question as structured.
Which generic actions have been applied in the field of legislation and policy, amongst others?SPS is unable to provide a meaningful response to the question as structured.
The rights of the parties involved are reinforced: which actions are applied to meet the rights of the parties involved?SPS is unable to provide a meaningful response to the question as structured.
Exchange with chain partners is relevant for the reintegration: which actions do EU member states apply to guarantee the privacy in the chains in conformity with the above-mentioned statutory frameworks?SPS is unable to provide a meaningful response to the question as structured.
This content is only available to registered members of EuroPris.
Concerning the implementation of the Directive EU 2016/680, two approaches have been considered: a) placing the requirements of the directive into existing sectoral regulations (Code of Criminal Procedure, Code of Misdemeanour Procedure, Law Enforcement Act, Police and Border Guard Act, Imprisonment Act) or b) drafting a brand new regulation in order to gather the requirements of the directive regarding the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties into one overall Act. So far the latter approach seems to be prevailing. Also in order to specify certain articles of the General Data Protection Regulation 2016/679 an Implementation Act of General Data Protection Regulation 2016/679 is being drafted. The Implementation Act will replace the existing Personal Data Protection Act implementing the requirements of the Directive 95/46/EC. In addition the references to the Personal Data Protection Act in existing regulations have to be replaced with the references to the new planned Implementation Act of General Data Protection Regulation 2016/679. Also the legal basis for the processing of personal data and other provisions of the existing regulations concerning the processing of personal data have to reviewed and amended if not in compliance with the prospective data protection regulations - General Data Protection Regulation 2016/679 and the Directive EU 2016/680.
Which generic actions have been applied in the field of legislation and policy, amongst others?An implementation plan for the implementation of the new data protection framework - General Data Protection Regulation 2016/679 and the Directive EU 2016/680, has been drafted by the Ministry of Justice and will be forwarded to the parties involved for approval soon. The drafts of the two new Acts are expectedly forwarded to the parties involved for approval in spring 2017 and to the government of the republic for approval in summer 2017. The two new Acts will expectedly come into force in spring 2018.
The rights of the parties involved are reinforced: which actions are applied to meet the rights of the parties involved?The rights of the parties involved are reinforced by complying with the existing and prospective data protection regulations.
Exchange with chain partners is relevant for the reintegration: which actions do EU member states apply to guarantee the privacy in the chains in conformity with the above-mentioned statutory frameworks?Can't answer to the question, because we couldn't understand it and the explenation was asked.