Data protection becomes important issue, as IT overwhelmed business. The EU, issued the General Data Protection Regulation (GDPR). Such principles include collection, organization, structuring, storage, alteration, consultation, use, communication, combination, restriction, erasure or destruction of personal data. They cover, lawfulness, fairness, transparency, purpose, data minimization, accuracy, storage, integrity, confidentiality and accountability. We say, they constitute guiding principles for regulation and compliance processing, to all. The data controllers are responsible for complying and are also accountable and must demonstrate compliance.
The personal data shall be, processed lawfully, fairly and in a transparent manner in relation to individuals. To be collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes. Further processing for archiving purposes in the public interest, scientific or historical research or statistical purposes shall not be considered to be incompatible with the initial purposes. To be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
Be accurate, up to date and reasonable steps must be taken to ensure that inaccurate personal data, erased or rectified without delay. Be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research or statistical purposes subject to implementation of the appropriate technical and organizational measures required by the regulation in order to safeguard the rights and freedoms of individuals. Be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical measures.
The GDPR covers the issue in details with the prime aim of protecting the personal data, which is a part and parcel of the personal rights of each individual. What is important, there are very stiff penalties against violators of the GDPR. Giving the regulation, sharp teeth to bite is a very good step for appropriate compliance all through by all. The EU took the lead, however, other countries including Bahrain followed suit and issued national laws for data protection. This law in Bahrain reflects international standards to give necessary protection. A step we fully support.
Dr. AbdelGadir Warsama
LEGAL COUNSEL
Email: AWARSAMA@WARSAMALC.COM
