Watch videos with subtitles in your language, upload your videos, create your own subtitles! Click here to learn more on "how to Dotsub"

The New DIFC Data Protection Law | High-risk processing

0 (0 Likes / 0 Dislikes)
The new DIFC Data Protection law directly affects all DIFC businesses and many businesses from outside the DIFC, which have regular dealings in the DIFC. The law will also indirectly affect all service providers to such businesses which process personal data as part of their offering. All directly affected businesses will need to consider if they carry out high-risk processing, as defined in the new law. This is an important and necessary assessment, because the question of whether or not the business carries out high-risk processing affects the compliance obligations that the business has to satisfy. In summary, high-risk processing is where new methods or technologies are being used, which increase the risks to data subjects or make it harder for data subjects to exercise their rights or where a considerable amount of personal data is being processed and such data is high risk due to sensitivity or due to the nature of the processing, or where personal aspects are being systematically and extensively evaluated, or where material amounts of special categories of personal data, and that term has a similar meaning to the term in the GDPR, are being processed. There will be some cases where the assessment gives an outcome which is a shade of grey rather than black or white result. This is deliberate because the law wants businesses to engage with their data processing and with their data sets, and to carefully consider their activities and to develop an approach to compliance accordingly. The commissioner of data protection is available and can be consulted with, and is available to consult with organisations which are struggling to make a determination, and the commissioner may also publish further guidance on this subject in due course. Organisations which conduct high-risk processing must appoint a data protection officer and must conduct data protection impact assessments before the high risk processing activity takes place. If an organisation fails to do this then it is in breach of the law and it could be sanctioned, which may include fines or public reprimands.

Video Details

Duration: 2 minutes and 35 seconds
Language: English
License: Dotsub - Standard License
Genre: None
Views: 1
Posted by: clydecomarketing on Jun 23, 2020

The DIFC Authority has recently announced the release of the new DIFC Data Protection Law, which will come into force on 1 July 2020.
We have prepared a series of short videos to address some of the key enhancements and implications of the new Data Protection Law that every DIFC-based entities or companies dealing with such entities should be aware of.
In our latest video, Ben Gibson outlines all you need to know about high-risk processing.

Caption and Translate

    Sign In/Register for Dotsub to translate this video.