Why is it important?
Nowadays, there can be no understanding a business without the use of databases about people. The big data phenomenon carries with it major business opportunities but at the same time major risks associated with the use of information. Collecting information about individuals allows profiles to be made and increasingly customised services to be offered, but also implies controlling individuals, and that must be regulated.
Users are in turn ever more aware that Internet services are not free but come at a price: personal data.
Data Protection laws lay down very strict obligations for those who collect and use data and demand that they provide assurances resulting in very specific requirements that must be implemented in any organisation using such data.
That is what adapting to and complying with the Law implies. In our country we have the Organic Personal Data Protection Act 15/1999 (LOPD) but we will shortly have an EU Personal Data Regulation which shall have to be directly complied with in all EU countries.
In recent years, Personal Data Protection has come to the fore as a result of the internal regulatory compliance policies of businesses. Following the latest amendment to the Criminal Code, those policies impose on all companies a duty of surveillance over such aspects as may be the source of criminal activity or regulatory non-compliance with consequences for the company itself. Personal Data Protection is a key element of those policies.