Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Latvia: DVI publishes guide on Privacy by Design and Default in data processing
On November 21, 2024, the Data State Inspectorate (DVI) advised that when processing personal data, organizations must ensure that their processing complies with the principles of Data Protection by Design and by Default. The DVI explained that integrated data protection is an approach that ensures the legal and safe processing of personal data from the planning and development stages of systems, services, or processes. It involves implementing technical and organizational measures throughout the entire lifecycle of data processing to protect personal data, meet regulatory requirements as a data controller, and uphold the rights of individuals as data subjects.
Furthermore, the DVI noted that by embedding privacy protection into information systems and services from the outset, organizations can anticipate and mitigate potential privacy threats effectively. This approach is characterized by incorporating data protection measures early in the development phase, proactively assessing risks, and applying both technical and organizational strategies to ensure compliance with data protection requirements. Additionally, the DVI claimed that efficiency is central to integrated data protection, as each measure taken must effectively address the specific risks associated with data processing activities.
Moreover, the DVI encouraged organizations to implement these protective measures during the planning stages and continuously evaluate them to maintain their effectiveness throughout the data processing lifecycle.
You can read the press release, only available in Latvian, here.