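As the protection of personal information grows in importance, the automotive industry urgently needs to address the GDPR (EU General Data Protection Regulation). The GDPR applies to companies with a base in the EU and to companies that handle EU personal data, and violations carry large fines. Because the automotive industry handles personal data in many settings, including vehicle sales, after-sales service and connected cars, GDPR compliance is an important issue that goes beyond avoiding legal risk: it also helps earn customer trust and lay the foundation for data use. This article explains, in a way that can be read in 10 minutes, an overview of the GDPR, its impact on the automotive industry, how to approach compliance, and the concrete steps involved.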
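What is the GDPR? Key points the automotive industry should know
In recent years, as the protection of personal information has grown in importance, the EU has brought into force the GDPR (EU General Data Protection Regulation), a new regulation on the protection and handling of personal data. The GDPR applies to companies with a base in the EU and to companies that handle EU personal data, and the automotive industry is no exception. This article explains an overview of the GDPR, its impact on the automotive industry, and the reasons the automotive industry should comply with it.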
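Overview and purpose of the GDPR
The GDPR is a legal regulation intended to protect personal data in the EU and to ensure its free movement. It applies to the entire data lifecycle, including the collection, processing, storage and deletion of personal data, and imposes obligations such as the following on companies.
- Ensuring transparency in the handling of personal data
- Respecting the rights of data subjects (right of access, right to rectification, right to erasure, etc.)
- Appointing a Data Protection Officer (DPO)
- Reporting obligations in the event of a data leak
Violations of the GDPR are subject to fines of up to 4% of worldwide annual turnover or 20 million euros (approximately 2.4 billion yen), whichever is higher.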
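Impact of the GDPR on the automotive industry
The automotive industry handles a large amount of personal data through vehicle sales, leasing, services and so on. In particular, with the spread of connected cars, the volume of data collected from vehicles keeps increasing. The GDPR has a major impact on how this personal data is handled.
Specifically, the following points are important for the automotive industry.
Affected area | GDPR response |
---|---|
Vehicle sales | Appropriate management and protection of customer information |
After-sales service | Handling of personal data such as repair history |
Connected cars | Appropriate use and protection of data collected from vehicles |
Marketing | Review of targeted advertising that uses personal data |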
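Why the automotive industry should comply with the GDPR
There are three main reasons for the automotive industry to comply with the GDPR.
- Compliance with legal obligations
- Earning customer trust
- Laying the foundation for data use
The GDPR is a legal regulation in the EU, and violations carry large fines. The automotive industry needs to comply with the GDPR in order to avoid legal risk.
GDPR compliance is also important for earning customer trust. Appropriate handling of personal data is increasingly recognized as part of corporate social responsibility, and GDPR compliance also helps improve an automaker's brand image.
GDPR compliance promotes the appropriate management and protection of personal data. This also lays the foundation for future data use. The automotive industry aims to create new data-driven business models such as connected cars and mobility services, and GDPR compliance is the first step toward that goal.
The above covered an overview of the GDPR, its impact on the automotive industry, and the reasons the automotive industry should comply with it. The GDPR is a major challenge for the automotive industry, but at the same time it is a major opportunity in terms of earning customer trust and laying the foundation for data use. The automotive industry is expected to pursue new value creation by using personal data appropriately while complying with the GDPR.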
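How to approach GDPR compliance in the automotive industry
The automotive industry handles personal data in many settings, including vehicle sales, after-sales service and connected cars. GDPR compliance is an important issue for the automotive industry in terms of meeting legal obligations, earning customer trust, and laying the foundation for data use. This section explains concrete ways for the automotive industry to approach GDPR compliance.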
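Establishing a Data Protection Officer (DPO)
The GDPR requires companies that meet certain conditions to establish a Data Protection Officer (DPO). The DPO supervises and advises on the handling of personal data and supports the company's GDPR compliance. Establishing a DPO is an important step in the automotive industry as well.
The main responsibilities of the DPO are as follows.
- Monitoring and advising on the handling of personal data
- Checking and reporting on the status of GDPR compliance
- Providing employee training on data protection
- Serving as the point of contact with supervisory authorities
The person selected as DPO needs to have deep knowledge and experience in the handling of personal data and be able to perform the role from an independent position. It is also important for the DPO to have support from senior management so that the DPO can be appropriately involved in the company's decision-making process and secure the necessary resources.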
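Appropriate handling and management of personal data
The GDPR requires transparency in the handling of personal data and respect for the rights of data subjects. Because the automotive industry handles many kinds of personal data, including customer information, vehicle data and employee information, it needs to manage this data appropriately.
The key points for appropriate handling and management of personal data are as follows.
- Clarifying the collection of personal data and the purposes of its use
- Obtaining consent from data subjects
- Ensuring that personal data is accurate and up to date
- Restricting access to personal data and implementing security control measures
- Deleting personal data that is no longer needed
In particular, vehicle data collected from connected cars contains highly privacy-sensitive information such as driving behavior and location information. It is important to anonymize this data appropriately, make the purpose of use clear, and then obtain the customer's consent. It is also necessary to define data retention periods and promptly delete data that is no longer needed.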
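Response measures when a data breach occurs
Under the GDPR, when a data breach such as a leak of or unauthorized access to personal data occurs, it must be reported to the supervisory authority within 72 hours. Data subjects must also be notified without delay. It is important for the automotive industry to prepare its data breach response measures in advance.
The key points of data breach response measures are as follows.
- Detecting and assessing the data breach
- Reporting to the supervisory authority
- Notifying data subjects
- Investigating the cause of the data breach and implementing measures to prevent recurrence
- Sharing information and coordinating appropriately with the parties involved
When a data breach occurs, a fast and appropriate response is required. To achieve this, it is important to draw up a data breach response plan in advance and carry out regular exercises. Investigating the cause of the breach and implementing measures to prevent recurrence are also essential for restoring trust in the company.
GDPR compliance in the automotive industry is an issue that the whole company should work on. Compliance needs to be advanced from many angles, including establishing a DPO, handling and managing personal data appropriately, and preparing data breach response measures. Complying with the GDPR is not only a legal obligation but also helps earn customer trust and lay the foundation for data use. The automotive industry is expected to treat the GDPR as a business opportunity and pursue new value creation through the appropriate protection and use of personal data.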
Concrete steps for conforming to the GDPR
For the automotive industry to conform to the GDPR, concrete steps such as the following are required.
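Clarifying the collection and use of personal data and obtaining consent
The GDPR requires that the collection of personal data and the purposes of its use be made clear and that consent be obtained from data subjects. The automotive industry needs to keep the following points in mind.
- Clearly define the collection of personal data and the purposes of its use
- Write the privacy policy in an easy-to-understand way and publish it
- Obtain consent from data subjects by appropriate means
- Keep records of consent so that they can be presented when needed
In particular, vehicle data collected from connected cars contains highly privacy-sensitive information such as driving behavior and location information, so it requires careful handling. It is important to make the purpose of data use clear and obtain the customer's consent.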
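Responding to the rights of data subjects
The GDPR defines rights of data subjects such as the right of access, the right to rectification and the right to erasure. The automotive industry needs to respond to these rights appropriately.
- Establish a process for responding to requests from data subjects to exercise their rights
- Disclose, correct or delete personal data in response to requests
- Record and manage the status of responses to such requests
- Provide employee training to ensure that such requests are handled appropriately
Respecting the rights of data subjects is an important element at the core of the GDPR. The automotive industry needs to put in place a structure that can respond quickly and appropriately to customers' requests to exercise their rights.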
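Strengthening data security measures
The GDPR requires the implementation of security control measures for personal data. The automotive industry needs to strengthen its data security measures and prevent leaks of and unauthorized access to personal data.
- Review where personal data is stored and how it is managed, and implement appropriate security control measures
- Introduce technical measures such as access control, encryption, and monitoring and logging
- Provide employee training to make everyone aware of the importance of data protection
- Manage data processing by third parties so that it meets the requirements of the GDPR
Data security measures are the foundation of personal data protection and GDPR compliance. The automotive industry needs to continuously review and strengthen its technical and organizational measures.
As described above, for the automotive industry to conform to the GDPR, it is essential to clarify the collection and use of personal data and obtain consent, respond to the rights of data subjects, and strengthen data security measures. By steadily carrying out these steps, the automotive industry should be able to meet the requirements of the GDPR and earn customer trust. At the same time, appropriate handling of personal data becomes the foundation for data use and leads to new value creation in the automotive industry. GDPR compliance can be described as an indispensable effort for the sustainable development of the automotive industry.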
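Summary
GDPR compliance in the automotive industry is an important issue that goes beyond meeting legal obligations: it also helps earn customer trust and lay the foundation for data use. Conforming to the GDPR requires concrete steps such as establishing a DPO, handling and managing personal data appropriately, preparing data breach response measures, clarifying the collection and use of personal data and obtaining consent, responding to the rights of data subjects, and strengthening data security measures. The automotive industry is expected to treat the GDPR as a business opportunity and pursue new value creation through the protection and use of personal data.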