Data Protection Directive

From Open Risk Manual

Definition

Data Protection Directive is Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of Personal Data and on the free movement of such data (also known as "Data Protection Directive") is the centrepiece legislation at EU level in the field of data protection.

The Directive is a framework law, meaning that it is implemented in EU Member States through national laws.

It aims to protect the rights and freedoms of persons with respect to the processing of personal data by laying down guidelines determining when the processing is lawful. The guidelines mainly relate to:

  • the quality of the data;
  • the legitimacy of the processing;
  • the processing of special categories of data;
  • information to be given to the data subject;
  • the data subject's right of access to data;
  • the right to object to the processing of data;
  • the confidentiality and security of processing;
  • the notification of the processing to a supervisory authority.


The Directive also sets out principles for the transfer of personal data to third countries and provides for the establishment of data protection authorities in each EU Member State.

References

Retrieved from "https://www.openriskmanual.org/wiki/index.php?title=Data_Protection_Directive&oldid=26050"
  • Creative Commons Attribution-NonCommercial-ShareAlike
  • Powered by MediaWiki
  • Powered by Semantic MediaWiki