Data privacy law-09-08
Law 09-08 applies to personal data, automated in whole or in part but also to data processed in order to identify a person in manual files.
Today, this law applies to all organizations and companies, regardless of their business line, provided that they implement processing of personal data, whether it is basic computer files (personal files or client files for example) or systems using other technologies (telephone switches, badge access control, video surveillance systems).
The regulator CNDP has been severe about the lack of consent that relates to the processing of personal data, the penalty may reach 300,000 DH and / or two years of imprisonment.
Fiduciaire AL JISR offers you a companion designed to bring you in line.
To this end, our intervention focuses on two levels :
Audit and adaptation of your processing
- Processing’s mapping.
- Reconciliation statement: processing / law 08-09 / CNDP formalities.
- Compliance action plan.
- Writing your CNDP formalities (Declaration / Authorization / Request for an opinion).
- Writing and implementation of the company’s information systems’ charter of proper use (Internet – Electronic messaging – Database – Personnel management – Management of access controls to premises, schedules and catering – Geolocation – Biometrics, etc.).
- Implementation of a reactive action plan to correct procedural deficiencies.