Romania: Prior GDPR measures

Important legal changes

On 25 April 2018, the Chamber of Deputies adopted Draft Law no. 181/2018 approving a first set of measures to be implemented in advance of the coming into force of the General Data Protection Regulation (GDPR) in Romania.

Romania: What are the main changes?

The main measures adopted, as summarized by our Romanian data experts, are:

  • the repeal of Law no. 677/2001 on the protection of individuals with regard to the processing of personal data and the free movement of such data, effective as of 25 May 2018
  • an extension of the powers and tasks of the National Supervisory Authority for Personal Data Processing (hereafter “the Authority”), including the right to carry out unannounced investigations of controllers and processors
  • the introduction of a 3-year limitation period from the date an act is committed during which the Authority may apply administrative sanctions in accordance with the law and the GDPR
  • the establishment of the mandatory elements to be included in an Authority decision to apply corrective measures
  • the establishment of a 15-day deadline after notification of the Authority’s control minutes and/or decision during which controllers and processors may challenge, at the competent tribunal, the control minutes and/or decision to apply corrective measures; the controllers and processors are to pay any fines within the same 15-day period
  • a boosting of the capacity and resources of the Authority by increasing the number of employees.

The Draft Law has been submitted to the Senate for approval and will come into force subject to promulgation by the President of Romania and publication in the Official Gazette.

Protection of personal data

It should be noted that the GDPR comes into force on 25 May 2018 and replaces current legislation for the protection of personal data in the processing and transfer of data.

The new legislation strengthens and reinforces the rights of individuals, introduces new obligations for controllers and processors and establishes administrative sanctions of up to EUR 20 million or up to 4% of the total worldwide annual turnover.

Source: www.cdep.ro