In order to support local authorities into their compliance with the GDPR, the CNIL has developed a guide on the awareness.
How communities are influenced?
The local authorities process a huge amount of personal data, whether it is manage of public services of which are responsible (maritatial status, scholar subscriptions, electoral roll). of the management of their human resources, the security of their locals (control of the access by badge, video surveillance) or their website. This trend will be reinforced by the digital transformation of public action.
In this context, personal data protection legislation respect is nowadays an element of transparency and confidence for citizens and the agents, always more sensitized to personal data protection. It is also a juridical guarantee for the functionars chosen as responsible for files and the applications used in their communities.
The General Data Protection Regulation’s principles (GDPR) are in compliance with the Data Protection Act of 1978. Anyway, the CNIL is aware that the compliance with the GDPR sometimes can be complex and that the importance of what is at stake justifies a specific support.
In addition, in order to support local authorities in their compliance with the GDPR, the CNIL has developed an awareness guide.
Which action plan should we implement in order to become in compliance? This guide is intended to small and medium municipalities as well as their intercultural association, that have not internal resources specifically dedicated to the personal data protection.
It offers key for the comprehension of the fundamental principles, highlights to acquire, an action plan that need to be respected and practical papers.
Discuss the conditions for appointing the data protection officer so that each community can identify the method that best suits their situation.
To develop this guide, CNIL turned to leading associations bringing together different levels of communities and other organisations working with the local public sector. This support allows you to provide concrete and appropriate responses to communities. This guide is currently sent in a hard copy to all town halls in metropolitan France and abroad.
In addition to this awareness guide, datasheets for the main areas of interest for local authorities have also been published on the CNIL website. This section will be updated regularly in the coming months. The CNIL will also offer a free online course on GDPR and communities.
The CNIL will be present at the next exhibition of mayors and local authorities from 19 to 21 November, Pavilion 4, Stand B 33.
cnil-guide-collectivite-territoriale SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA FRANCIA – CNIL