13- SUPERVISION & ENFORCEMENT
1- SELF REGULATION
accountability
proof of compliance
art.28
breach notification duties
DPIAs
DPO
codes of conduct, certificates, seals/marks
2- REGULATION BY THE CITIZENS
DS rights
Resort to National Courts or DPAs
Representative actions by CSOs (art.80)
shared liability and compensation claims vs multiple controllers/processors at fault
Recourse to Courts in case DS is unhappy with DPA initial response, or gets no response
3- ADMINISTRATIVE SUPERVISION & ENFORCEMENT
DPAs
independent
embedded in national lawmaking
tasks
complaints/investigations
support GDPR application
promote DP awareness
approving criteria for marks, seals, certifications and codes of conduct
approving BCRs
annual reports
consultation in case of high risk processing, with no mitigation measures
powers
art.58
investigation
audits
correction
warning/stop business activities
authorization of seals, marks, codes
imposing fines
WHICH DPA?
COMPETENCE
cross border processing: main establishment criterion to identify lead authority
COOPERATION
mutual assistance
joint operations
CONSISTENCY
EDPB
EDPB OPINIONS
on DPIA necessity, multi MSs codes, DPA approved contractual clauses, BCRs authorization
dispute resolution
urgency procedure
SANCTIONS to consider:
nature of infringement
intention or negligence
actions to mitigate
cooperation with DPA
nature of data
notification
compliance with potential previous corrective actions by DPA