Responsibility: Personal or organisational?
Share article:
You may also like to read
With new data protection laws coming into force, does this change the responsibility? Is it personal or organisational? Is responsibility on the data controller or the data processor?
Ultimately, your organisation is responsible for the personal data it collects! If you pass the information you gathered to a third party for processing, you must ensure that the processor treats the data the same way you would.
You are a data controller if your organisation keeps or processes any information about living people. If you process personal data but do not have responsibility for that personal data, then you are simply a data processor.
What is clear from the new GDPR laws is the increased responsibilities of organisations to perform improved levels of consent notification to individuals about their data. The accountability principle (article 5[2] of the EU GDPR), requires your organisation to demonstrate that you comply with the principles and states explicitly that it is your organisations’ responsibility. “But how can I demonstrate that I comply?” For more information on this and more, our training courses help you find your way.
However, the personal levels of responsibility are not apparent at first glance. Organisations are required to help create a responsible culture; a shift to training staff under the GDPR is a strong recommendation to provide proactive education and raise awareness of the individual’s responsibilities, which is where our training courses are designed to help you!