Wednesday, February 01, 2012
Under new laws proposed by the EU, Organisations with more than 250 employees will have to designate a Data Protection Officer to deal with the personal information of staff and customers.
The European Commission wants to introduce this measure for large employers and those organisations that gather personal information through the course of their business.
The proposal is to replace a whole host of existing rules, which differ from state to state, with a single set of rules for all 27 member states.
Viviane Reding, Vice-President of the European Commission, commented: "Businesses are worried because they are faced with many varied, sometimes contradictory data protection requirements, due to different national laws, due to different ways the national data protection authorities apply these laws, and they are also confronted with a load of notification requirements.
"This leads to legal uncertainty, to legal fragmentation and it makes it difficult for companies, most of all those innovative start-ups ... to do business in the European single market. This is a real extra cost, a real extra burden on our companies."
Other measures proposed by the Commission, and designed to make it easier for individuals to control their own personal data, include an obligation for data controllers to notify the authorities of breaches of data Protection laws.