Malta Data Protection Consulting : Chetcuti Cauchi Advocates : Data Protection Compliance IT Lawyers malta data protection data protection audits dpa data data protection unit protection law, audit, auditing, data, protection, compliance, security, unit information technology,

Data Protection

NEWS: DATA PROTECTION ACT:
Closing Date for
Notification Extended -
Notification Fees - Reduced

In terms of the Data Protection Act, whoever keeps or otherwise processes any personal data in relation to employees, clients, memberships or any other individual had to notify the Commissioner for Data Protection by not later than the 15th April 2004. This original notification period has now been extended to 14th July 2004.

Also, following a thorough review of the Commission's budget, a radical revision of the fee structure has been carried out. The tariff - previously based on the number of employees and varying from Lm 20 to Lm 1000 per year - has been changed to a flat fee of Lm 10 for all employers (independently of the number of persons employed) and no charge for persons who work on their own and therefore have no employees.

DATA PROTECTION COMPLIANCE SERVICES

Our Data Protection Unit has created a four-tier approach to ensuring a satisfactory data protection compliance procedure by the client:

1. Identification: Initial compliance including audit by the firm held in conjunction and direct relationship with the client. This provides the firm with an initial snap-shot of the situation within the client's environment. The initial audit to be carried out by the firm will focus mainly on data held in electronic format and processed automatically however focus will also be given for data stored/processed manually since this will also require compliance at a future date.

2. Awareness Raising: The firm and the client may at any stage agree to devising customized awareness raising sessions amongst internal representatives of the client.

3. Ongoing Identification and Fine Tuning: The firm provides ongoing advice, necessary legal drafting of any policies, forms and website content as well as notification and reporting of any new legislation in this field which may have an impact on the client.

4. Services of a Personal Data Representative: The firm at this stage will act as intermediary between Data Protection Commissioner’s Office (DPC) and the Client, as well as any sectoral regulator where applicable. The role of the firm will be that of providing support and clarification as well as advocate on behalf of the client with the DPC.

The firm will also indicate to the DPC the daily realities of work carried out by client and the way in which this must be taken into consideration by the DPC when issuing regulations of direct interest to the client. The firm intends to acquire accreditation from DPC once this is offered so as to ensure a more comprehensive accredited service for the client. The firm will also provide assistance via written submissions to the DPC on behalf of the client with regards to special legislation and subsidiary regulations addressed to the sector in which the client operates specifically.

The Overriding Policy of our DPU

While we will not hesitate to advise on any radical changes to be effected to bring the client in conformity, our DPU’s emphasis is on making those minimal changes absolutely necessary to bring the client in line with current legislation so as to ensure that the clients’ core operations continue uninterruptedly.

Our Data Protection Unit

The Maltese Data Protection Act

>> contact us @ dp@cc-advocates.com