European Data Protection Supervisor
European Data Protection Supervisor

Privacy in the EU Institutions

Privacy in the EU Institutions

Regulation (EC) No 45/2001 - which will be adapted in 2017, in order to be brought in line with the General Data Protection Regulation - lays down the data protection obligations for the EU institutions and bodies when they process personal data and develop new policies. The Regulation also sets out the duties of the EDPS including its role as an independent supervisory authority of the EU institutions and bodies when they process personal data and for advising on policies and legislation that affect privacy and cooperating with similar authorities to ensure consistent data protection.

Here you will find EDPS documents about privacy and data protection concerning the processing of personal data by the EU institutions and bodies, such as staff evaluation, accreditation of external visitors, access control.

Filters

Pages

12/12/2017
12
Dec
2017

Proposal for a Regulation on ECRIS-TCN

EDPS Opinion on the proposal for a Regulation on ECRIS-TCN

01/12/2017
1
Dec
2017

Appointment procedure - EUIPO

Prior-check Opinion on the European Parliament’s participation in the appointment procedure of the Executive Director, the Deputy Executive Director(s), the President of the Boards of Appeal, and the Chairpersons of the Boards of the European Union Intellectual Property Office (Case 2017-0345)

Tags:
29/11/2017
29
Nov
2017

Whistleblowing Policy - EIB

Prior-check Opinion on the Whistleblowing Policy of the European Investment Bank (Case 2016-0381)

28/11/2017
28
Nov
2017

General Report "Survey 2017"

General Report on "Measuring compliance with data protection rules in EU institutions" ("Survey 2017")

28/11/2017
28
Nov
2017

EU institutions a predominantly safe pair of hands for handling personal information, according to EDPS Survey

EU institutions and bodies deal with a wide variety of personal data, and often in complex ways. EU law requires that they are able to ensure, verify and demonstrate compliance with data protection rules when handling this data. According to a report published today by the European Data Protection Supervisor (EDPS), there has been continuous and steady progress in the way that they deliver on this obligation.

21/11/2017
21
Nov
2017

Press Statement: EDPS calls for swift agreement on new Regulation

Eleven months have passed since the Commission issued its proposal for the new Regulation governing data protection in the EU institutions and bodies. The proposal aims to align the provisions of the current Regulation (EC) 45/2001 with the rules of the General Data Protection Regulation (GDPR) to achieve a stronger and more coherent data protection framework in the Union.

20/11/2017
20
Nov
2017

Appointment and engagement procedures - CdT

Prior-checking Opinion regarding the updated notification for appointment and engagement procedures at the Translation Centre for the bodies of the European Union (EDPS case 2016-0377)

Tags:
16/11/2017
16
Nov
2017

Selection of confidential counsellors - EIB

Prior-checking Opinion regarding the selection of confidential counsellors at the European Investment Bank (case 2017-0136)

Confidential counsellors become active in informal anti-harassment procedures, a topic on which the EDPS has published Guidelines. The selection of such counsellors, in this case by the EIB, is subject to prior-checking by the EDPS because it involves an evaluation of the applicants' ability to perform the function, and possibly processing operations related to health. In the case at hand, the EDPS recommended spelling out the modalities of the procedure leading to the selection of confidential counsellors in rules of normative value, including which information on individual counsellors will be made available and which criteria apply to their selection.

Tags:
15/11/2017
15
Nov
2017

Declaration of accidents at work for local agents working in EU Delegations - EEAS

Prior check Opinion on Complimentary Sickness Insurance for Local Agents in EU Delegations - Declaration of accidents at work at the European External Action Service (Case 2016-0775)

In case of an accident, local agents working in EU Delegations covered by the Complimentary Sickness Insurance for Local Agents scheme must fill in a declaration of accidents at work to obtain the reimbursement of the medical expenses. The EU Delegations and EEAS might also process personal data, including data related to health, of local agents who are not covered by this scheme in e.g. sick leave absences management and supporting medical certificates if those local agents have an accident at work. The medical certificate must be clearly distinguished from the medical report. Local agents should always send the medical report directly to the CISLA functional mailbox in EEAS Headquarters, without any access of staff members of the Delegation. Whereas the medical certificate should be sent to the Administration section of the Delegation or, if the local agent so chooses, sent directly to the CISLA functional mailbox in EEAS Headquarters and the Administration of the Delegation informed of it. The EU Delegations staff members involved in this process as well as EEAS's HR officers responsible for local agents should sign confidentiality declarations mentioning that they are subject to an obligation of professional secrecy equivalent to that of a health professional. Medical files should be kept for a maximum period of 30 years after the last document inserted in the file.

Tags:
14/11/2017
14
Nov
2017

Visitors’ database - GSA

Letter concerning the visitors’ database at the European Global Navigation Satellite Systems Agency (GSA) (Case 2017-1055)

Tags:
06/11/2017
6
Nov
2017

Clinical Patient Management System - EC

Prior Checking Opinion on the Clinical Patient Management System (CPMS)
of the European Commission (Case 2017-0804)

Tags:
27/10/2017
27
Oct
2017

Procedure for appointing members of the Management Committee - EIB

Prior Checking Opinion regarding procedure for appointing members of the Management Committee of the European Investment Bank (Case 2017-0411)

Tags:
20/10/2017
20
Oct
2017

Traitement des données médicales au sein du Service médico-social - CdR

Avis de contrôle préalable concernant le traitement des données médicales au sein du Service médico-social du Comité des régions de l’Union européenne (dossier CEPD 2017-0185)

Tags:
19/10/2017
19
Oct
2017

Promotion procedure - CEDEFOP

Prior-checking Opinion regarding the updated notification for the promotion procedure at CEDEFOP (EDPS case 2017-0171)

Tags:
13/10/2017
13
Oct
2017

Video-surveillance system - EESC and CoR

Prior-checking Opinion regarding the video-surveillance system of the European Economic Social Committee and the Committee of the Regions (Case 2017-0662)

The Opinion regards the rather sophisticated video-surveillance system of the European Economic Social Committee and the Committee of the Regions. In the light of the EDPS Guidelines on Video-surveillance and against the background of a data protection impact assessment conducted, it contains recommendations on covert surveillance (concealed cameras), the collection of special categories of data and applicable retention periods.

Tags:
06/10/2017
6
Oct
2017

Renewal of temporary and contract agent's contracts - EUIPO

Opinion on the procedure for renewal of temporary and contract agent´s contracts at the European Union Intellectual Property Office (case 2017-0256)

Wednesday, 27 September, 2017
27
Sep
2017

Newsletter (N°
53
)

In the September 2017 edition of the EDPS Newsletter we cover the EDPS Opinion on the digital single gateway, the investigation of complaints relating to medical data and the latest developments in privacy engineering.
21/09/2017
21
Sep
2017

Recruitment for the selection of staff - CEPOL

Prior-checking Opinion regarding recruitment for the selection of staff at European Union Agency for Law Enforcement Training (CEPOL) (Case 2017-0187)

Tags:
18/09/2017
18
Sep
2017

Enterprise Portfolio Management Tool - Council

Letter concerning Article 27(3) consultation concerning the “Enterprise Portfolio Management Tool” (Case 2014-0173)

Pages