What is the LOPD?
It is the Organic Law on Data Protection. It was published on December 13, 1999 to comply with the articles 18.1 and 18.4 of the Spanish Constitution which stipulate:
- "18.1. The right to honor, personal and family privacy and image is guaranteed."
- "18.4. The law will limit the use of computer science to guarantee citizens honour, personal and family privacy, and full exercise of their rights."
When is the application mandatory
- For the preexisting files to the appearance of the law, from 3 years before its creation.
- For the newly created files, one month after the appearance of the law.
Nowadays, it is mandatory for any entity that manages personal data.
What sanctions can be imposed if I violate this law?
- A slight misdemeanor, such as not registering the personal data file in the data protection agency would lead to a fine between 6,000€ and 60,000€.
- A serious misdemeanor, such as keeping a file of personal data without adequate security measures would result in a fine between 60,000€ and 300,000€.
These are two examples of possible sanctions although it exists more for various motives of infringement. A high percentage of companies that have not considered the LOPD violates at least the two articles listed.
Sofistic offers a plan to adapt to the LOPD for SMEs that deal with personal data. The plan includes the registration of the data file in the AGDP and the writing with the company of the safety document required by the law.
The solution offered by Sofistic covers both the legal and the technical aspect with regard to files with automatic processing, so that the final report will indicate what steps to follow to continue to ensure that the law is upheld.