Legislative Observatory
European Parliament
Please fill in this field to find a procedure

Data protection in Community institutions and bodies

1999/0153(COD)

ACT : Implementing rules relating to Regulation 45/2001/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data – European Parliament Bureau decision.

 

CONTENT : this Decision lays down the general rules governing the implementation of the Regulation in the case of the European Parliament. In particular, it supplements the provisions set out in the Regulation which relate to the tasks, duties and powers of the European Parliament's Data Protection Officer(s). Furthermore, the Decision lays down the detailed rules pursuant to which a data subject may exercise his or her rights, the procedure for notifying a processing operation and the procedure for obtaining access to the register of processing operations kept by the Data Protection Officer.

The Data Protection Officer's tasks shall be as follows:

- Provision of information: the Officer shall inform the European Parliament's data controllers and data subjects of their rights and obligations under the Regulation, for which purpose he or she shall provide the necessary information concerning the legislation in force, current procedures and existing notified files, and he or she shall facilitate the exercise of those rights and the fulfilment of those obligations.

- Requests from the European Data Protection Supervisor: the Officer shall respond to requests from the European Supervisor.

- Cooperation with the European Data Protection Supervisor: within his or her area of responsibility, the Officer shall cooperate with the European Supervisor at the latter's request or on his or her own initiative, particularly as regards dealing with complaints and carrying out inspections.

- Provision of information to the European Data Protection Supervisor: the Officer shall inform the European Supervisor regarding any new development at the European Parliament which has a bearing on the protection of personal data.

- Register of processing operations: the Officer shall, pursuant to Article 26 of the Regulation, keep a register of the processing operations carried out by the data controllers and shall ensure that that register may be inspected by any individual.

- Notification of processing operations which are likely to present specific risks: the Officer shall notify the European Data Protection Supervisor of any processing operation which is likely to present specific risks. Should there be any doubt regarding the need for a prior check, the Data Protection Officer shall consult the European Data Protection Supervisor.

- Upholding data subjects' rights and freedoms: the Data Protection Officer shall ensure that processing operations do not undermine the rights and freedoms of data subjects and that no person suffers loss or damage for having brought to the Data Protection Officer's attention a matter which in the view of that person constitutes an infringement of the Regulation.

ENTRY INTO FORCE : 07/12/2005.