SEM assisted the Office of the Information and Data Protection Commissioner (IDPC) in applying for EU funds to promote citizen’s rights in relation to the General Data Protection Regulation (GDPR).
The main objective of the project is to increase awareness amongst the Maltese general public and business stakeholders on GDPR obligations and general regulations (in particular micro, small and medium-sized enterprises). The IDPC is the national Data Protection Authority in Malta tasked with supervising the application of the data protection law, providing expert advice and managing complaints of violations.
The project was presented by the Commissioner for Information and Data Protection, Mr Ian Deguara, in the presence of the Minister within the Office of the Prime Minister, Hon. Carmelo Abela, Minister for Justice, Equality and Governance, Hon. Edward Zammit Lewis, and SEM CEO, Ms Mandy Falzon.
In the formulation of the proposal for this project, a needs-based approach was undertaken to ascertain that the proposed activities reflect directly and explicitly the identified shortcomings of the specific and varying target groups.
IDPC regularly receives queries from data subjects, and also receives official complaints from individuals alleging an infringement of their data protection rights. Requests for advice are also received from data controllers, in particular, SMEs, where the subject matter of such requests generally relates to the interpretation of certain provisions of the GDPR and measures of implementation, to ensure compliance with the law. In addition, IDPC also receives regular requests for meetings from controllers, in which the necessary advice on data protection is provided accordingly.
Such requests for assistance portray the national need for increased awareness and assistance in compliance, which will be addressed through the following actions of the project:
- Development and implementation of an awareness-raising campaign, using both digital and traditional media tools, targeting the Maltese general public, informing them of their rights under GDPR.
- Development of an Online Self-Assessment Compliance tool for business stakeholders to measure compliance, identify gaps, provide tips, provide feedback and facilitate compliance.
- Organisation of two Data Protection Conferences in Malta and Gozo respectively, for business stakeholders, in particular SMEs, informing them of their rights and obligations under GDPR, as well as the use and benefits of the Online Self-assessment Compliance tool.
- Organisation of two half-day seminars in Malta and Gozo for Data Protection Officers (DPOs) in the private sector, informing them of their rights and obligations under GDPR, as well as the use and benefits of the Online Self-assessment Compliance tool.