Law on Protection of Personal Data
31 October 2019
How Companies Should Prevent Personal Data Protection First of all, what is “personal data,, you have to start with it. Personal data is any kind of data that belongs to or can be identified. This can be your name, email address, phone number, or photo. 'Law on the Protection of Personal Data No. 6698', which has been pending for many years and entered into force after being published on April 7, 2016, protect the fundamental rights and freedoms of individuals, especially the privacy of private life, in the processing of personal data, has the purpose. However, the Personal Data Protection Act accepts that bilgi any information relating to an identifiable or identifiable natural person en is personal data, whereas such data shall be, acquired, recorded, stored, stored, modified, rearranged, disclosed, transferred ”. in the processing of personal data. The processing of personal data in contradiction with the procedures and principles stipulated in this law and other laws is prohibited by this law. In the recent years, the implementation of this issue has been very advanced in the world and in our country. In fact, companies that do not take this practice into account under the law face serious penalties. Except for the exceptions set out in the Law, personal data shall not be processed without the express consent of the person concerned; will not be transferred to third parties and abroad. In case of failure to comply with the articles specified in the separate articles of the Law, institutions may be subject to administrative fines. According to the law, a prison sentence of one to three years is provided for those who violate personal data. In addition, a person who seizes this data through a violation may be sentenced to imprisonment from 2 to 4 years. Administrative fines may increase from TL 5,000 to TL 1,000,000 depending on the items not fulfilled. What Companies Should Do? Companies should take the following precautions regarding the protection of personal data:
● Establish clear rules for the security of personal data and define it as a separate policy. ● Providing training to employees on the law and the functioning of the company. ● Confidentiality agreements. ● Regularly conduct authorization checks. ● Immediately remove the authority of the previous departments of employees whose jobs have been changed and who have left work. ● Keeping passwords or keys in secure environments. ● Reliable archiving of transaction records. ● Regularly monitoring and performing security updates in the media where data is stored. ● Preventing third parties from accessing this data. Today, the protection of personal data is a very important issue. This should not be overlooked.