خلاصة:
comparative study Responsibilities Applicant processing entity, controller and processor Under gdpr and Bill »preservation and protection of personal data«AbstractMany times Institutions that actually or potentially hold people's data Attempt to delegate the processing of data to third parties,The question that arises This is that Assignment processing What kind of service provider CanHelp protect data privacy? Vacuum addressing the definition and responsibility of the processing applicant body It is felt in the GDPR and Bill «preservation and protection of personal data». The applicant body must not only be aware of its primary responsibility, its necessary Differences in responsibilities and obligations Between controller and processor usage Also understand. The comparative review of these roles is under the GDPR and the Bill is very applicable, Regarding Assign controller and processor assignments The bill needs reform, But overall under both regulations Assign services to an independent controller It is more effective for protecting the privacy of individuals and reducing the applicant's obligations."Applicant Processing Entity", "Controller", "Processor"
ملخص الجهاز:
A comparative study of the obligations of the data requesting entity, controller, and processor under the European General Data Protection Regulation (GDPR) and the Bill for the Protection and Safeguarding of Personal Data Hassan Badini Hamzeh Karami Date of receipt: 12/04/1398 Date of acceptance: 06/12/1398 Abstract In many cases, institutions that have individuals' data in their actual or potential possession proceed to outsource data processing to third parties.
A comparative study of these roles under the GDPR and the Bill is highly practical; regarding the refinement of the duties of controllers and processors, the Bill requires amendments, but overall, under both regulations, outsourcing services to an independent controller is more effective for preserving individuals' privacy and reducing the obligations of the requesting entity.
140 we may also rely on other sources of obligation, including multiple principles in processing, such as the principle of security and non-transfer, or moral and customary obligations such as the necessity of confidentiality and avoiding the disclosure of secrets, and even the concept of the principle of permissibility,1 Another primary and implicit obligation of the requesting entity can be found in its obligation to conclude a contract with the service provider, whether a controller or a processor; although in the GDPR, this obligation is not merely implicit, but in some places it takes the form of a legal duty; including what is stated in Recital 109 of the GDPR.
Additionally, in ensuring compliance with the obligations set forth in Article 32, taking into account the nature of the processing and the information available to the processor, assist the requesting entity in 3 ensuring compliance with data security requirements, breach notification, data protection impact assessments, and prior consultation with supervisory authorities.
(
, 
, 
)
