Since today the public institutions could formally ask INAI for the validation and the recognition of the best practice which have been projected in order to guarantee the personal data protection. All these schemes will be centred in the microsite of the National Institute for the Transparency, the access to information and the personal data protection INAI, it will implement the Register of systems of good practices in the field of personal data protection, developed by the public sector.
From today, public institutions will be able to formally request INAI to validate and recognise the Best Practices they have devised to ensure the protection of the personal data in their possession. Only Best Practice Schemes that meet the requirements set out in the General Law on the Protection of Personal Data Held by Obligated Persons will be recognised and included in the Register.
The aim is to harmonise the processing of personal data in the public sector, integrate the provisions laid down in the regulations, increase the level of protection, facilitate the transfer of personal information, and optimise the exercise of ARCO rights (Access, Rectification, Cancellation and Opposition). With these practices developed by public institutions, the objective is to raise the level of protection in the processing of personal data, through measures that have been implemented and accepted as standardised security methods, as well as to demonstrate before the Institute compliance with the applicable regulations in the matter of personal data protection.
In accordance with the operational rules, INAI will process applications for validation and recognition of good practice schemes starting this Monday. All these schemes will be concentrated in the microsite, which is already available and has several sections that can be consulted by managers or officers who decide to opt for one of the different practices, as well as the necessary requirements and procedures set out in the Registry’s Operating Rules.