The office of personal data protection is going to start audits of organisations in September to check if they comply with the law on General Data Protection Regulation (GDPR).
According to data protection commissioner Irini Loizidou Nicolaidou, audits will be carried out both on public and private organisations.
“In order to carry out the inspections, my office secured the cooperation of private experts, who will help our work,” the commissioner said.
GDPR is a new EU regulation which sets out to give citizens more rights over understanding and deciding how their data is used.
Under the law firms must be able to comply with consumer requests to remove, correct or provide them with all the data they have on them with the aim to give people more access to their data and right to privacy.
The EU law stipulates that controllers of personal data must put in place appropriate technical and organisational measures to implement the data protection principles.
The GDPR was adopted on 14 April 2016, and became enforceable beginning May 25, 2018. As the GDPR is a regulation, not a directive, it does not require national governments to pass any enabling legislation and is directly binding and applicable.