When it comes to GDPR compliance, the Council of the European Union is determined to implement a Directive against public and private corruption based. First, it obliges companies, administrations and public entities to implement internal procedures for the reception and study of reports of irregularities.
Whistle-blowers are people speaking up when they encounter, in the context of their work, wrongdoing that can harm the public interest, for instance by damaging the environment, public health and consumer safety and public finances.
On the other hand, it establishes a series of guarantees and measures for those who report such infringements, which will affect companies with more than 50 workers or those with a turnover equal to or higher than 10 million euros. Companies in sensitive sectors (such as financial) will also be affected by this rule. All of them will have to implement complaint channels that guarantee the confidentiality of the person who is providing information.
This rule must be transposed within two years.
REGARDING SOCIAL NETWORKS AND TELECOMMUNICATIONS IF THEY THREATEN NATIONAL SECURITY.
The government may intervine when it threatens national Security.
According to Approved Decree-Law 14/2019, which adopts urgent security measures in the areas of e-government, public procurement and telecommunications.
The aim is to protect against the new threats associated with cyberspace, such as data theft, and also to prevent the creation of a parallel digital administration after the events that occurred in Catalonia.
The RD includes “urgent measures relating to national identity documents, electronic identification before Public Administrations, data held by Public Administrations, public procurement and the telecommunications sector”.
The Decree includes 5 parts:
- Measures concerning national identity documents
- Measures in matters of electronic identification before Public Administrations, location of certain databases and data transferred to other Public Administrations
- Public procurement measures
- Measures to strengthen telecommunication security
- Measures to strengthen coordination in the area of network and information system security.
How can we help you?
We speak your language. If you would like more information about GDPR in Spain, or have any questions, please do not hesitate to contact us directly. We would be happy to assist you in any way we can!