NOTIFICATION FOR PRIOR CHECKING INFORMATION TO BE GIVEN(2)

Similar documents
EXIN Privacy and Data Protection Foundation. Preparation Guide. Edition

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: Safeguarding Policy Data Protection Policy

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: T:Drive. Safeguarding Policy Data Protection Policy

Privacy Policy SOP-031

Robert Bond Partner, Commercial/IP/IT

This policy sets out how Legacy Foresight and its Associates will seek to ensure compliance with the legislation.

First Components Ltd, Savigny Oddie Ltd, & Datum Engineering Ltd. is pleased to provide the following

Call for expressions of interest

Ocean Energy Europe Privacy Policy

Biometric Data, Deidentification. E. Kindt Cost1206 Training school 2017

Employees, contractors and other personnel of KKR should note that a separate privacy notice will be made available to them.

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

clarification to bring legal certainty to these issues have been voiced in various position papers and statements.

Heads of European Radiological

1 SERVICE DESCRIPTION

IAB Europe Guidance THE DEFINITION OF PERSONAL DATA. IAB Europe GDPR Implementation Working Group WHITE PAPER

INDUSTRIAL HYGIENE NOISE DOSIMETRY SURVEY FORM

LICENSING THE PALLAS-REACTOR USING THE CONCEPTUAL SAFETY DOCUMENT

THE UNIVERSITY OF AUCKLAND INTELLECTUAL PROPERTY CREATED BY STAFF AND STUDENTS POLICY Organisation & Governance

WG food contact materials

GDPR Awareness. Kevin Styles. Certified Information Privacy Professional - Europe Member of International Association of Privacy professionals

Anonymous registration: Supporting survivors of domestic abuse to register to vote

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Privacy framework

Protection of Privacy Policy

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

COUNCIL OF THE EUROPEAN UNION. Brussels, 19 May 2014 (OR. en) 9879/14 Interinstitutional File: 2013/0165 (COD) ENT 123 MI 428 CODEC 1299

PRIVACY IMPACT ASSESSMENT

Guidelines for the Stage of Implementation - Self-Assessment Activity

Sample Date (Required) IH UIC (Required) The date the sample is collected.

Recast of RoHS Directive

South African Distribution Code

Ministry of Justice: Call for Evidence on EU Data Protection Proposals

COUNCIL OF THE EUROPEAN UNION. Brussels, 18 May /06 Interinstitutional File: 2005/0044 (CNS) RECH 130 ATO 48 COMPET 129

The Information Commissioner s response to the Draft AI Ethics Guidelines of the High-Level Expert Group on Artificial Intelligence

Hong Kong Personal Data Protection Regulatory Framework From Compliance to Accountability

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT. pursuant to Article 294(6) of the Treaty on the Functioning of the European Union

1. Oklahoma Administrative Code (OAC) 252:410, titled Radiation Management

General Manager Assurance and Risk Management in Oakton;

(Non-legislative acts) DECISIONS

THE EXECUTIVE BOARD OF DELFT UNIVERSITY OF TECHNOLOGY

Introduction to the OPERRA Project. Jean-René Jourdain (IRSN, France) OPERRA Project Coordinator

REPORT OF THE IAEA SECRETARIAT TO THE CONTRACTING PARTIES TO THE CONVENTION ON NUCLEAR SAFETY

By: Georgia Institute of Technology

Keene State College Center for Environmental BioGeoChemistry Radiation Protection Program Revised January

UK Broadband Ltd Spectrum Access Licence Licence Number: Rev: 4: 11 January 2018

INFCIRC/57. 72/Rev.6. under. Safetyy. read in. Convention. involve. National Reports. on Nuclear 2015.

Swedish Proposal for Research Data Act

2

Ch. 813 INTERACTIVE GAMING ADVERTISEMENTS CHAPTER 813. INTERACTIVE GAMING ADVERTISEMENTS, PROMOTIONS AND TOURNAMENTS TEMPORARY REGULATIONS

Having regard to the Treaty establishing the European Community, and in particular its Article 286,

Polish Science Database (BWNP)

Tender Specifications for a study assessing the macro socio and economic impacts of fuel cell and hydrogen technologies

THE EUROPEAN DATA PROTECTION SUPERVISOR, Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

Minnesota Rules, Chapter 4732 X-ray Revision

(CNB note: this text is a working document for information only and is not legally binding)

Innovation Office. Intellectual Property at the Nelson Mandela University: A Brief Introduction. Creating value for tomorrow

Implementation of Directive 2004/113/EC

DMPGM DEPARTMENT OF MINERAL POLICY & GEOHAZARDS MANAGEMENT REVIEW OF THE MINING (SAFETY) ACT AND REGULATION

Recast de la législation européenne et impact sur l organisation hospitalière

TechAmerica Europe comments for DAPIX on Pseudonymous Data and Profiling as per 19/12/2013 paper on Specific Issues of Chapters I-IV

Mutual Understanding of Criminal Records Information Project (MUCRI)

Access My Personal Learning Record

ENGINEERING DRAWINGS MANAGEMENT POLICY (IFC/AS BUILTS)

REPORT. Working Group: "Safety of medical devices emitting ionising radiation"

COMMISSION DELEGATED DIRECTIVE (EU).../ of XXX

COMMISSION STAFF WORKING DOCUMENT. Implementation Plan. Accompanying the document

User Privacy in Health Monitoring Wearables

A Step by Step guide to making and maintaining a Universal Credit claim online

Incentive Guidelines. Aid for Research and Development Projects (Tax Credit)

REPORT FROM THE COMMISSION. of TO THE ECONOMIC AND FINANCIAL COMMITTEE

Castan Centre for Human Rights Law Faculty of Law, Monash University. Submission to Senate Standing Committee on Economics

COUNCIL DIRECTIVE 93/42/EEC. of 14 June concerning medical devices

COMMISSION DELEGATED DIRECTIVE../ /EU. of XXX

Office for Nuclear Regulation

EUROPEAN CENTRAL BANK

Privacy Impact Assessment on use of CCTV

Measures for the Administration of Securities Investment within the Borders of China by Qualified Foreign Institutional Investors

Position Paper.

Details of the Proposal

MUSEUM SERVICE ACT I. BASIC PROVISIONS

Human Exposure Requirements for R&TTE and FCC Approval

Workforce and Governing Body Members Equality Information (incorporating the WRES progress report) For further information please contact:

Radiation Protection and Public Information

D2. Results of the feasibility analysis

Interest Balancing Test Assessment on the processing of the copies of data subjects driving licences for the MOL Limo service

(Non-legislative acts) REGULATIONS

Guidelines for Documents Required For Various Categories Important points: 4. Proof of Identity: -

Vital Records Data Practices Manual

Applications form: Standard / Enhanced Disclosure

3. Title NHSE & Ipsos Mori CCG 360 Stakeholder Survey

nuclear science and technology

STATEMENT OF WORK Environmental Assessment for the Red Cliffs/Long Valley Land Exchange in Washington County, Utah

LAW ON TECHNOLOGY TRANSFER 1998

COMMISSION DELEGATED DIRECTIVE../ /EU. of XXX

UK Broadband Ltd - Spectrum Access 28 GHz Licence Company Registration no: First Issued 22 July Licence Number: /01/18

Opinion of the European Data Protection Supervisor

Preparing for the new Regulations for healthcare providers

Jay: Hi, I m Jay! Just like you, I can t wait to start a new career adventure at Accenture.

ISO/TR TECHNICAL REPORT. Intelligent transport systems System architecture Privacy aspects in ITS standards and systems

Municipal Census Manual

Transcription:

To be filled out in the EDPS' office REGISTER NUMBER: 322 NOTIFICATION FOR PRIOR CHECKING Date of submission: 10/01/2008 Case number: 2008-020 Institution: European Commission Legal basis: article 27-5 of the regulation CE 45/2001(1) (1) OJ L 8, 12.01.2001 INFORMATION TO BE GIVEN(2) 1/ Name and adress of the controller (2) Please attach all necessary backup documents 2) Name and First Name of the Controller:DE HAAS Johannes 3) Title:Head of Sector 4) Directorate, Unit or Service to which the Controller is attached:f. 5) Directorate General to which the Controller is attached:jrc 2/ Organisational parts of the institution or body entrusted with the processing of personal data 26) External Company or Directorate General to which the Processor is attached: 25) External Company or Directorate, Unit or Service to which the Processor is attached: NRG Nuclear Research and Consultancy Group.JRC IE 3/ Name of the processing Dosimetry management system of radiological workers at JRC-IE in Petten. 4/ Purpose or purposes of the processing

The purposes of recording the data are to be able to survey and review workers (internal and external) and visitors personal radiation exposure and according to legal and statutory obligations To check whether: a) the radiological workers will stay within the legal limits b) actions are needed to prevent workers from reaching these limits c) improvements in working methods are necessary 5/ Description of the category or categories of data subjects 14) Data Subject(s) concerned: The persons identified as occupationally exposed to ionising radiation: - JRC staff - External staff under contract. - Visitors. 16) Category(ies) of Data Subjects: The persons identified as occupationally exposed to ionising radiation: - JRC staff - External staff under contract. - Visitors 6/ Description of the data or categories of data (including, if applicable, special categories of data (article 10) and/or origin of data)(including, if applicable, special categories of data (article 10) and/or origin of data) 17) Data field(s) of Data Subjects: Attention: Please indicate and describe in the answer to this question also data fields which fall under article 10 Name Level (radiological safety training Level - mandatory 5b in the Netherlands) Category Dosis-meter Refreshment Radiation passport Comment Unit Gender Nationality Language Social Security Number radiation exposure periode and cumulative. See the attached Excel spreadsheet. This processing is subjected to Article 10

18) Category(ies) of data fields of Data Subjects: Attention: Please indicate and describe in the answer to this question also categories of data fields which fall under article 10 Personal data and radiological data collected. This processing is subjected to Article 10. 7/ Information to be given to data subjects 15a) Which kind of communication(s) have you foreseen to inform the Data Subjects as described in articles 11-12 under 'Information to be given to the Data Subject' The privacy statement is available for data subjects. Privacy statement distributed to the concerned data subjects and published on the intranet JRC-IE website Annual information about total yearly dose. 8/ Procedures to grant rights of data subjects (rights of access, to rectify, to block, to erase, to object)(rights of access, to rectify, to block, to erase, to object) 15b) Which procedure(s) did you put in place to enable Data Subjects to exert their rights: access, verify, correct, etc., their Personal Data as described in articles 13-19 under 'Rights of the Data Subject' : The data subject can refer directly to the controller to exert their rights. The data subject can use the functional mailbox "jrc-ie-ses@ec.europa.eu" - see also privacy statement. 9/ Automated / Manual processing operation 7) Description of Processing: Attention: Please describe in the answer to this question if you process personal data falling under article 27 "Prior-Checking (by the EDPS - European Data Protection Supervisor)" Personal radiation dosimeters with a unique reference number for identification with an internal or external worker are provided by an external company (NRG). At the end of the exposure period of four weeks the dosimeters are measured. The list with results is distributed at IE to Medical Staff, Director, Unit Heads, Qualified Nuclear Expert, Site Safety Officer and the external advisor for Radiation Protection. This information is then put into the Dosimetry Radiation Excel spreadsheet by the Qualified Nuclear Expert. This file has several different data entries. According to the attached European Directives and IAEA Basic Safety Standards workers performing radiation work on other sites require radiation passbooks which is an individual radiological monitoring document and a medical certificate. It contains the holder?s previous radiation exposure, medical certification 8) Automated Processing operation(s): Production of a unique reference number to be used as a dosimeter identifier and linked to a name. Production of a list of monthly dosimeter reading (externally).

9) Manual Processing operation(s): Updating of personal data. Updating of employer data. Checking whether dosimeters are read out by the Qualified expert. Analysis of the dosimeter radiation exposure by the Qualified Expert. Addition of effective dosis due to data obtained from other sources than the dosimetry. Data are manually transferred. 10/ Storage media of data paper and electronic 11/ Legal basis and lawfulness of the processing operation 11) Legal basis of Processing: European Directive (96/29) and 90/641 IAEA Basic Safety Standards No 115 Treaty of EURATOM, Chapter I, Art. 8.: The Commission establishes a Joint Centre for Nuclear Research (CCR = JRC ). Besluit van 16 juli 2001, houdende vaststelling van het Besluit stralingsbescherming. - Dutch Legislation - 12) Lawfulness of Processing: Answering this question please also verify and indicate if your processing has to comply with articles 20 "Exemptions and restrictions" and 27 "Prior checking (by the EDPS)" Article 5(a), 45/2001. This processing falls under Art. 27 12/ The recipients or categories of recipient to whom the data might be disclosed 20) Recipient(s) of the Processing: JRC-IE Director JRC-IE Qualified Nuclear Expert JRC Medical Officer as identified in European Directive 96/29 Unit Head of respective Data Subjects (Administrative data, medical data, professional risks exposure) Site Safety Officer NRG - Nuclear Research and Consultancy Group - The Netherlands-Petten Data transfer follows Article 7 and Art. 8 of the Regulation (EC) 45/2001. 21) Category(ies) of recipients: - Medical service from the Commission (Luxemburg) - Qualified Nuclear Expert - Outside contractor (NRG) - Unit Heads of Data subjects - Site Safety Officer

13/ retention policy of (categories of) personal data Records are retained during the working life involving exposure to ionising radiation and afterwards until the individual had or would have reached the age of 75 but in any case not less than 30 years from the termination of the work or from the visit date. European Directive 96/29 Section 4, Article 28 IAEA Basic Safety Standards (No 115) 13 a/ time limits for blocking and erasure of the different categories of data (on justified legitimate request from the data subject) (Please, specify the time limits for every category, if applicable) (on justified legitimate request from the data subject) (Please, specify the time limits for every category, if applicable) 22 b) Time limit to block/erase data on justified legitimate request from the data subjects Following a justified and legitimate request by the Data Subject, the personal data will be modified in the database within 15 working days. 14/ Historical, statistical or scientific purposes If you store data for longer periods than mentioned above, please specify, if applicable, why the data must be kept under a form which permits identification, 22 c) Historical, statistical or scientific purposes - If you store data for longer periods than mentioned above, please specify, if applicable, why the data must be kept under a form which permits identification Annual statistics totally anonymous. 15/ Proposed transfers of data to third countries or international organisations 27) Legal foundation of transfer: Only transfers to third party countries not subject to Directive 95/46/EC (Article 9) should be considered for this question. Please treat transfers to other community institutions and bodies and to member states under question 20. not applicable 28) Category(ies) of Personal Data or Personal Data to be transferred: not applicable 16/ The processing operation presents specific risk which justifies prior checking (please describe):(please describe) ):

7) Description of Processing: Attention: Please describe in the answer to this question if you process personal data falling under article 27 "Prior-Checking (by the EDPS - European Data Protection Supervisor)" Personal radiation dosimeters with a unique reference number for identification with an internal or external worker are provided by an external company (NRG). At the end of the exposure period of four weeks the dosimeters are measured. The list with results is distributed at IE to Medical Staff, Director, Unit Heads, Qualified Nuclear Expert, Site Safety Officer and the external advisor for Radiation Protection. This information is then put into the Dosimetry Radiation Excel spreadsheet by the Qualified Nuclear Expert. This file has several different data entries. According to the attached European Directives and IAEA Basic Safety Standards workers performing radiation work on other sites require radiation passbooks which is an individual radiological monitoring document and a medical certificate. It contains the holder?s previous radiation exposure, medical certification 12) Lawfulness of Processing: Answering this question please also verify and indicate if your processing has to comply with articles 20 "Exemptions and restrictions" and 27 "Prior checking (by the EDPS)" Article 5(a), 45/2001. This processing falls under Art. 27 Article 27.2.(a) Processing of data relating to health and to suspected offences, offences, criminal convictions or security measures, Article 27.2.(a) Processing of data relating to health Article 27.2.(b) Processing operations intended to evaluate personal aspects relating to the data subject, Article 27.2.(c) Processing operations allowing linkages not provided for pursuant to national or Community legislation between data processed for different purposes, Article 27.2.(d) Processing operations for the purpose of excluding individuals from a right, benefit or contract, Other (general concept in Article 27.1) 17/ Comments 1) Date of submission: 10) Comments if applicable:

36) Do you publish / distribute / give access to one or more printed and/or electronic directories? Personal Data contained in printed and/or electronic directories of users and access to such directories shall be limited to what is strictly necessary for the specific purposes of the directory. If Yes, please explain what is applicable. 37) Complementary information to the different questions if applicable, including attachments to this notification which should not be public : PLACE AND DATE:10/01/2008 DATA PROTECTION OFFICER: RENAUDIERE Philippe INSTITUTION OR BODY:European Commission

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback