This summer, a major reform relating to personal data, in Russia, has been instigated. New privacy regulations entered into force on September 1st, 2022. These introduced a number of new requirements to data processing activities. Part of the new requirements, including new cross-border data transfer rules, will come into force from March 1st, 2023. Amendments to the Law on Personal Data entail the need to examine the data processing activities, update most of the data processing documents, as well as to implement new cross-border data transfers, data breach procedures and monitoring and compliance measures, to implement policies establishing procedures for handling each new data subject’s rights and guarantees, responsibilities of controllers and processors, etc. Please see our July Newsletter in which you will find our overview of the new law and its provisions.
In view of the upcoming changes, we have prepared the checklist below, answering the most frequent questions regarding implementation of the novelties of the Law on Personal Data and navigating data controllers’ on compliance level, as well as relevant risks and actions that should be taken, in order to comply with the new requirements.
We hope that the information provided herein will be useful for you. If you or any of your colleagues would like to receive our newsletters via e-mail, please fill in the 'Subscribe' form at the bottom of the page.
Practice: Data Protection and Cybersecurity.
Note: Please be aware that all information provided in this letter was taken from open sources. Neither ALRUD Law Firm, nor the author of this letter bear any liability for consequences of any decisions made in reliance upon this information.