Marking the Data Privacy Day, the Compliance and Data Protection Department at the Ministry of Transport and Communications has announced the release of the guidelines of the Personal Data Privacy Protection Law No. (13) of 2016 to help the target audience, individuals, regulated entities and stakeholders understand their respective responsibilities, rights and practices as per the said law.
“In the context of MOTCs commitment to overseeing the implementation of the Personal Data Privacy Protection Law, we are pleased to announce the release of the guidelines of the Personal Data Privacy Protection Law No. 13 of 2016, which provide a set of guidelines, controls, assistive tools, checklists and templates for regulated entities addressed by the provisions of the law to support compliance to the law. They also include guidance for individuals to become more aware of their rights and responsibilities as per the law.”
without prejudice to the provisions of the law and, thereby, avoiding liability.
Director of Compliance and Data Protection Department at MOTC Eng. Dana Al Abdulla called upon the regulated entities addressed by the provisions of the law to strike a balance between ensuring the protection of personal data privacy and their right to technological advancement and the use of techniques and data to achieve individuals rights.
She pointed out to the importance to take into consideration the fundamental personal data processing principles provided for by law: transparency, honesty, respect of human dignity, data minimization, accuracy, storage limitation, integrity and confidentiality, purpose limitation and accountability. She said that her department explained these principles and how to put them into practice, in the released guidelines released.
Eng. Al Abdulla advised regulated entities to take into consideration the methods they control and/or process the personal data and be responsible for that. She also confirmed the importance of adopting a methodology based on risk analysis, as per privacy principles, and putting such principles in the heart of the approach of processing and controlling the personal data.
Personal data privacy is concerned with the use of individuals personal data in technological systems a field that combines technology and respect of individuals privacy within a regulatory, law framework that regulates the relation between the individual and the entity that collects and uses their data.
A data controller is a natural or legal person who, whether acting individually or jointly with others, determines how Personal Data may be processed and determines the purpose(s) of any such processing Personal Data Processing. A data processor is a natural or legal person who processes Personal Data for the controller.
Personal Data Processing is when personal data is processed through one operation or more such as gathering, receipt, registration, organization, storage, preparation, modification, retrieval, usage, disclosure, publication, transfer, withholding, destruction, erasure and cancellation.
According to Article (8) of the Law, the “Controller shall abide by the controls related to designing, changing or developing products, systems and services pertinent to Personal Data Processing and shall take appropriate administrative, technical and financial precautions to protect Personal Data, in accordance with what is determined by the Competent Department”, and this has been explained by the Compliance and Data Protection Department in the guidelines.
Moreover, the department provided several assistive tools for the audience the law addresses to help them reposition in line with the provisions of the law. Such tools include but are not limited to “Record of Processing Activities” (RoPA), “Personal Data Management System” (PDMS) and “Data Protection Impact Assessment” (DPIA).
On 4 February 2021, the 17th edition of the FIFA Club World Cup™ officially kicked off in Qatar, with…0 Views | the publication reaches you by | Qatar Today
Do you have information you want to reach our readers?