The Commission for protection of personal data adopted a new Regulation concerning the minimum level of technical and organizational measures and admissible type of protection of personal data.
The Regulation introduces
five different types of personal data protection:
- physical protection;
- personal protection;
- documentary protection;
- protection of automatic information systems and/or networks; and
- cryptographic protection.
The new rules provide for
four levels of impact, depending on the extent of the adverse effects that may
be caused by unauthorized processing of personal data:
“extremely high”,
“high”,
“average” and
“low”.
Pursuant to the Personal
Data Protection Act in case the administrator has not issued the above
mentioned Instruction with all mandatory requisites, the administrator may be
imposed penalties up to the amount of BGN 5’000, respectively up to BGN 10’000
for continuous breach.
Latest articles
22
Feb
22
Jun
16
May
We will send you articles keeping you up to date with the latest trends and developments in accounting, taxation or legal fields.