The special interest of data protection in an entity like Fraternidad-Muprespa
Since its proclamation by the Council of Europe in 2006, every January 28 the European Day for the Protection of Data, a date whose objective is to inform and raise awareness about the rights and obligations as Internet users. Any user of practically any service knows that for a few years now, writing personal data in a document requires signing another document, related to the protection of said data.
This regulation, which came into force in 2018 for all countries in the European Union, requires special observance of consent when freely, specifically, informed and unequivocally expressing the processing of personal data and non-compliance entails high fines.
Other legal obligations that must be respected include the introduction of the figure of the Data Protection Officer, in charge of guaranteeing compliance with the Regulation and the mechanisms to establish the right to be forgotten, that is, the right to request that personal data not appear in the results of an internet search carried out by name, a right that arises from a ruling by the Court of Justice of the European Union in 2014.
Fraternidad-Muprespa joined the Digital Pact in May of last year, an initiative of the Spanish Agency for Data Protection. It did so with the purpose of providing adequate security to the enormous amount of data that is handled in an entity like ours. The agreement is made up of three documents.
The Letter of Adhesion is where the commitment to the fundamental right of data protection and its privacy, to the responsible and ethical treatment of said information is contained and where additional resources are also described to increase awareness about the value of privacy, also in the work environment.
The Commitment to Responsibility in the Digital Field contains the obligations of organizations, a specific commitment adjusted to the digital field.
Finally, the third document is the Decalogue of Good Privacy Practices for media and organizations with their own broadcast channels, through which we want to promote the fight against digital violence.
How does Fraternidad-Muprespa understand and protect data?
For the Mutua, data protection is of vital importance since it is one of the most important assets for the development of the activities that constitute its corporate purpose. Among the specific actions to be carried out for said protection, the implementation of an information security system according to the UNE-ISO/IEC 27001:2014 standard stands out, the scope of which extends to all its information systems.
Also through awareness campaigns and training for all staff on information security and data protection. Another pillar is the maintenance of a security document, which includes the technical and organizational measures defined for the effective protection of personal data processed by the entity.
Finally, audits are periodically carried out to verify compliance with regulations, carried out by duly accredited external companies.The last one was carried out in the last quarter of 2021 and as a result of the findings found, an action plan has been established, on the implementation of which the Mutual Fund's efforts are currently focusing.
Fraternidad-Muprespa is not only responsible for maximally observing the relevant protection of the data in its possession, but at the same time assumes the importance of the dissemination object of this news, addressing entrepreneurs and prevention technicians of occupational risks. The good practices guide published for this purpose establishes the guidelines for the processing of personal data in the prevention of occupational risks, with special emphasis on current legislation in this area with a fundamental objective: to provide a valuable consultation tool for the identification of needs, obligations and good practices in this management.
