Processing and pilot verification of the GDPR implementation methodology in the IT environment of public universities
Provider: CESNET z.s.p.
Programme: Fond rozvoje CESNETu
Implementation period: 17.05.17 - 17.05.18
Workplace:
Univerzita Pardubice - Oddělení správy systémů a sítí
Investigator: Slanina Jiří
Description:
After several years of preparation, the European Parliament approved a new European Regulation 2016/679 on the protection of personal data (OLAF), known as the General Data Protection Regulation (GDPR). This document, which replaces the European Directive 95/46EC and the national regulations of the EU Member States on the protection of trade marks, takes the form of a regulation. It is therefore binding and has direct effect in the legal order of each EU country. Its declared objective is to strengthen the fundamental rights of citizens in the digital age and to support a single European digital market. The GDPR has been in force since 25 May 2018, which means that until then, all EU legal entities must adapt their internal rules, procedures and systems working with physical data in order to demonstrate their acceptance of GDPR. What has prompted the GDPR Regulation to raise awareness and the serious concerns of many responsible employees is - beyond the scope and foreseeable implementation costs - greater emphasis on the data subjects' rights and redressing the obligation of processors, especially in relation to very high sanctions for non-compliance. This project was designed to analyse the legal and technical impacts of GDPR for IT in the academic environment in the Czech Republic, to work on examples of good practice and to create the basis for further larger projects and longer-term activities in this field. With the planned outputs, the project wants to help prepare GDPR not only for project participants, but all members of the CESNET association.
After several years of preparation, the European Parliament approved a new European Regulation 2016/679 on the protection of personal data (OLAF), known as the General Data Protection Regulation (GDPR). This document, which replaces the European Directive 95/46EC and the national regulations of the EU Member States on the protection of trade marks, takes the form of a regulation. It is therefore binding and has direct effect in the legal order of each EU country. Its declared objective is to strengthen the fundamental rights of citizens in the digital age and to support a single European digital market. The GDPR has been in force since 25 May 2018, which means that until then, all EU legal entities must adapt their internal rules, procedures and systems working with physical data in order to demonstrate their acceptance of GDPR. What has prompted the GDPR Regulation to raise awareness and the serious concerns of many responsible employees is - beyond the scope and foreseeable implementation costs - greater emphasis on the data subjects' rights and redressing the obligation of processors, especially in relation to very high sanctions for non-compliance. This project was designed to analyse the legal and technical impacts of GDPR for IT in the academic environment in the Czech Republic, to work on examples of good practice and to create the basis for further larger projects and longer-term activities in this field. With the planned outputs, the project wants to help prepare GDPR not only for project participants, but all members of the CESNET association.
