/ / Principles, conditions and purposes and processing of personal data

Principles, conditions and purposes and processing of personal data

Now no activity is complete withoutinformation. Each organization stores information about employees, partners, and customers. Unauthorized access to them leads to their loss or change, which adversely affects the activities of the firm. The goals of processing personal data in organizations are the same, as it is fixed by law. This is described in the article.

What does processing mean?

Everyone can learn aboutother citizens both in the performance of work duties, and with non-working communication, when viewing the Internet pages, reading the newspaper. This collection of information is not considered processing. It's just getting acquainted with the information.

purposes of processing personal data

If personal information is specifically collectedfor use, storage, it will be the processing of personal data. This process is observed in educational institutions, hospitals. Information is recorded, entered into databases, classified for use for legitimate purposes. If the information is collected by a writer, journalist, then he can use it for creative purposes.

Ways of processing

Personal information is processed in 2 ways:

  1. Automated.
  2. Manual.

The second option involves processing,performed with the participation of a citizen. If this happens without the means of automation, then the data must be separated from the rest of the information. This is done by marking, for example, in the fields of forms. It is forbidden to place personal information on a single medium, if it is known that the purposes of processing personal data are incompatible.

the purpose of processing personal data in the organization

If the personal information of citizens is attributed to differentcategories, then you need to use an individual medium for each species. Which systems can be referred to as automated systems and which ones are not? This is disclosed by the following facts:

  1. Personal information in the personal data system can be processed through a manual process, if their use is performed with the personal presence of a person.
  2. It can not be asserted that data is processed automatically, given that they are in the information system of personal information.

Automated processing is performed withuse of computer facilities. Processing refers to all actions that are performed with the data provided. This process includes collection, recording, use, destruction.

Objectives

The goals of processing personal data in the organization are the same. Information is needed for:

  1. Conclusion, execution, termination of contracts in cases provided for by law and the Charter of the organization. Such transactions can occur with citizens, IP, legal entities.
  2. Personnel accounting of the enterprise, compliance with the law, conclusion and performance of obligations under agreements.
  3. Managing personnel records management, assisting employees in finding work, training, using benefits.
  4. Execution of the norms of tax legislation on the payment of taxes and transfer to the FIU of personal data.
  5. Filling of statistical documents on the basis of the norms of law.

Each purpose of processing personal data inorganization is obligatory for execution, as it is fixed by law. That is why all institutions need information about employees, clients, partners. The goals of processing personal data allow you to conduct business in a legal way.

Rules and order

The head must receive the following information about his employees:

  1. Education.
  2. Work experience, previous position.
  3. Data on the family and their work.
  4. Information about health.

consent to the processing of personal data processing purpose

When processing the information of employees, specialists of the personnel department must follow several rules:

  1. Handle information on the basis of the norms of the law, help in finding a job, assist in training and promotion in a career, monitor the quality of the tasks performed.
  2. Personal information is provided by the employee. If, for some reason, they can not be obtained from an employee, but only from a third party, you must obtain written consent to disclose the information.
  3. A staff member can not independentlyTo use information about religious orientation or trade union activities, if this does not apply to work. If this information relates to working relationships, then a written permit is required.
  4. Supervises the personnel of the personnel department, as well as the execution of these rules by the head.
  5. All employees must sign, confirming that they are familiar with the rules of procedure.

The purposes of processing personal data under Act No. 152are obligatory for execution by each employer. Proceeding from art. 22, the head can perform actions with personal information of employees without notification to Roskomnadzor.

Principles

It is important to know not only the purpose of collecting and processing personal data, but also the principles. They are specified in art. 5 Ch. 2 FZ No. 152:

  1. It is important to observe the legality and integrity of the purposes and methods of processing.
  2. Compliance with the objectives stated in the collection.
  3. Correspondence of the volume and nature of the information being processed, methods to objectives.
  4. Reliability of information.
  5. Inadmissibility of combining databases for incompatible purposes.
  6. Storage in a form that allows you to determine the data subject, and no longer than the goals require. Then they are destroyed.

the purpose of processing the employee's personal data

The objectives of processing the employee's personal data are achieved with the conditions specified in art. 6 Ch. 2:

  1. Execution of processing with the permission of the subjects.
  2. If it is entrusted on the basis of the contract to another person, then confidentiality is important.
  3. Processing of special information in a special order.

There are several exceptions when the subject's permission is not required. This happens when:

  1. The procedure is carried out on the basis of the Federal Law, which establishes its purpose, conditions, and the circle of subjects whose information is to be processed.
  2. Everything is done to fulfill the contract.
  3. It requires the fulfillment of statistical and other scientific purposes.
  4. It is necessary to protect life, health, vital interests, if it is impossible to obtain permission.
  5. Delivery of mail items is in progress.
  6. Professional activity of the journalist is carried out.
  7. Information processing, which is subject to publication on the basis of the law, is being processed.

Consent

To protect a person from undesirableuse of information about him, his consent to the processing of personal data is required. The purpose of processing should be legal, and in other cases it should be prohibited. The consent is given with the device for work, registration of the bank account and at other important transactions.

The uniform form of the permission is not present. It is made in free form on the form used by the enterprise. The period during which the permit is valid is indicated in the document itself. In the same place the purposes of processing of the personal data in the organization are specified.

Responsibility of the organization

The specialist responsible for receiving,processing, storage of personal information, appoints the director of the institution. It also identifies individuals who have access to information. The document must be issued by order. Usually the processing of information is answered by:

  1. Heads of personnel department.
  2. Personnel inspectors.
  3. Heads of personnel.
  4. Deputy Heads of Personnel.
  5. Specialists in work with personnel.

purpose of processing personal data law

Based on Federal Law No. 152, an employee performingthe collection and processing of personal data is the operator. He is the head. The objectives of the processing of personal data in an educational institution are the same as in organizations.

Transfer and storage

Keeping records with personal information aboutworkers carried in refractory cabinets or safes. The keys to them should be the director of the personnel department. If he is absent, then the deputy manages it. If it is necessary to transfer personal information of an employee, a staff member should keep in mind the following rules:

  1. It is forbidden to transfer to third parties personalinformation without written permission. Exceptions are considered when data are required to prevent harm to health and in situations stipulated by law. It is also prohibited to disclose information for commercial purposes without consent.
  2. If it is necessary to transfer data of workers, it is necessary to inform those for whom this information is used, that the information can be used only for the purposes of the request.
  3. A staff member may use only the information necessary for the performance of work duties.
  4. The employee has no right to find out information about the state of health of the employee.

purpose of processing personal data in an educational institution

An exception is considered to be circumstances relating to the question of the performance by employees of their duties.

A responsibility

If employees have violated the collection procedure,processing, issuing information, they are subject to disciplinary and criminal liability under the law. In Art. 5 of the Federal Law states that personal information collected for processing by automated principles or other means must be made in such a way that it is possible to establish a data subject.

purpose of collecting and processing personal data

The definition of the subject can not be longerwhat is required for processing. If it is done, then some time personal data cannot be destroyed. Personal data of employees is stored in the institution for 75 years. Thus, each company must comply with the rules for storing and processing information.

Read more:
Replacement of the passport with a change of surname is a law requirement or a vital necessity?
Replacement of the passport with a change of name - the requirement of law or life
Personal data of children: what does it concern, how to protect
Personal data of children: what does it concern, how to protect
What should be the policy regarding the processing of personal data in accordance with the law?
What should be the policy regarding the processing of personal data according to
Modern requirements for the protection of personal data in medical organizations
Modern requirements for the protection of personal data in medical organizations
Responsibility for the disclosure of personal data is administrative and criminal. Federal Law of the Russian Federation of July 27, 2006 No. 152-FZ "On Personal Data"
Responsibility for the disclosure of personal data is administrative and
Personal information: what you need to know about this
Personal information: what you need to know about this
Cross-border transfer of personal data is what?
Cross-border transfer of personal data is what?
Statistical processing of data and its features
Statistical processing of data and its features
Classification of information systems
Classification of information systems