of December 14, 2010 No. 1123
About approval of Safety requirements of personal data in case of their processing in information systems of personal data
Based on part (2) article 14 of the Law No. 17-XVI of February 15, 2007 on personal data protection (The official monitor of the Republic of Moldova, 2007, Art. No. 107-111, 468), with subsequent changes and amendments, DECIDES: the Government
1. Approve Safety requirements of personal data in case of their processing in information systems of personal data (are applied)
2. To holders of personal data to take adequate measures on implementation of Safety requirements of personal data in case of their processing in information systems of personal data within 12 months after entry into force of this Resolution.
|
Prime Minister |
Vladimir Filat |
|
Countersigns: minister of information technologies and bonds |
Aleksandra Oleynik |
Approved by the Order of the Government of the Republic of Moldova of December 14, 2010 No. 1123
1. Safety requirements of personal data in case of their processing in information systems of personal data (further – Requirements) aim at establishment of the minimum rules to holders of personal data on implementation of the organizational and technical measures necessary for safety, confidentiality and integrity of personal data in case of their processing within information systems of personal data and/or registers in manual form, according to provisions of the Law No. 17-XVI of February 15, 2007 on personal data protection (The official monitor of the Republic of Moldova, 2007, Art. No. 107-111, 468) and the Law No. 71-XVI of March 22, 2007 on registers (The official monitor of the Republic of Moldova, 2007, Art. No. 70-73, 314).
2. These Requirements create necessary base for application of the Convention on protection of citizens concerning the automated processing of personal data concluded in Strasbourg on January 28, 1981 published in European Treaty Series, No. 108, by the ratified Republic of Moldova the Resolution of Parliament No. 483-XIV of July 2, 1999.
3. In these Requirements the following determinations are used:
authentication – check of the identifier appropriated to the subject of access, authenticity confirmation;
safety control – actions taken by holders of personal data or the National center for personal data protection (further – the Center) for implementation of check and/or ensuring proper level of safety of the personal data processed in information systems and/or registers in manual form according to these Requirements;
temporary files – the data set or information on the digital carrier created on certain period prior to accomplishment of tasks for which they are intended;
identification – assignment of the identifier to subjects and access objects and/or comparison of the provided identifier with the list of the appropriated identifiers;
integrity – reliability, consistency and relevance of information containing personal data, protection it from damage and unauthorized change;
means of the cryptographic information security containing personal data – technical, program and technical and applied means, systems and complexes of systems which allow to build algorithms of cryptographic transformation of information containing the personal data intended for ensuring integrity and confidentiality of information in processing, storages and transfers on communication channels;
protection level – the safety level pro rata to risk to which processing of personal data is exposed, and also in relation to the rights and freedoms of citizens, established according to Requirements, developed and staticized according to the level of technology development and implementation cost of these measures (N-1 or N-2);
security policy of personal data – the document developed by the holder of personal data who represents the exact description of the security measures and signs of protection chosen for data security, considering potential risks for the processed personal data and real risks to which these data are exposed;
safety perimeter – zone which represents the access barrier provided with means of physical and engineering supervision of access;
person responsible for security policy of personal data – person who is responsible for the corresponding functioning of complex system of the information security containing personal data and also for development, implementation and monitoring of observance of provisions of security policy of the holder of personal data;
information security from inadvertent actions – package of measures, the inadvertent actions directed to the prevention caused by the user's mistakes, defects of the used technical means, the natural phenomena or other reasons which have the direct purpose no change of information, but which lead to misstatement, destruction, copying, blocking of information access, and also to its loss, destruction or the defect of the material data carrier containing personal data;
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.
The document ceased to be valid since November 15, 2024 according to Item 2 of the Order of the Government of the Republic of Moldova of October 2, 2024 No. 678