of December 14, 2010 No. 1123
About approval of Safety requirements of personal data in case of their processing in personal data information systems
1. Approve Safety requirements of personal data in case of their processing in personal data information systems (are applied)
2. To holders of personal data to take adequate measures on implementation of Safety requirements of personal data in case of their processing in personal data information systems within 12 months after entry into force of this Resolution.
Prime Minister |
Vladimir Filat |
Countersigns: minister of information technologies and communications |
Aleksandra Oleynik |
Approved by the Order of the Government of the Republic of Moldova of December 14, 2010 No. 1123
2. These Requirements create necessary base for application of the Convention on protection of citizens concerning the automated processing of personal data concluded in Strasbourg on January 28, 1981 published in European Treaty Series, No. 108, by the ratified Republic of Moldova the Resolution of Parliament No. 483-XIV of July 2, 1999.
3. In these Requirements the following determinations are used:
authentication – check of the identifier appropriated to the subject of access, authenticity confirmation;
safety control – actions taken by holders of personal data or the National center for personal data protection (further – the Center) for implementation of check and/or providing the proper security level of the personal data processed in information systems and/or registers in manual form according to these Requirements;
temporary files – the data set or information on the digital carrier created on certain period prior to accomplishment of tasks for which they are intended;
identification – assignment of the identifier to subjects and access objects and/or comparison of the provided identifier with the list of the appropriated identifiers;
integrity – reliability, consistency and relevance of information containing personal data, protection it from damage and unauthorized change;
means of the cryptographic information protection containing personal data – technical, program and technical and applied means, systems and complexes of systems which allow to build algorithms of cryptographic information transform, containing personal data intended for ensuring integrity and confidentiality of information in processing, storages and transfers on communication links;
protection level – the security level pro rata to risk to which personal data processing is exposed, and also in relation to the rights and freedoms of citizens, established according to Requirements, developed and staticized according to the level of technology development and implementation cost of these measures (N-1 or N-2);
security policy of personal data – the document developed by the holder of personal data who represents the exact description of the security measures and signs of protection selected for data security, considering potential risks for the processed personal data and real risks to which these data are exposed;
security perimeter – zone which represents the access barrier provided with means of physical and engineering supervision of access;
person responsible for security policy of personal data – person who is responsible for the corresponding functioning of end-to-end system of the information protection containing personal data and also for development, implementation and monitoring of observance of provisions of security policy of the holder of personal data;
information protection from inadvertent actions – package of measures, the inadvertent actions directed to warning caused by the user's errors, defects of the used technical means, the natural phenomena or other reasons which have the direct purpose no change of information, but which lead to misstatement, destruction, copying, blocking of information access, and also to its loss, destruction or the defect of the material information medium containing personal data;
the carrier of personal data – magnetic, optical, laser, paper or other information medium on which it is created, fixed, transferred is accepted, stored or the document and which allows its reproduction is otherwise used;
data recovery – procedures for reconstruction of personal data to condition in which they were until loss or destruction;
information technologies (IT - English - informational technology) – community of processes, methods and means on the processing and information transfer containing personal data, and rules of its use;
the user – person acting under the authority of the holder of personal data with the recognized right of access to personal data information systems;
working session – the period which lasts from the moment of turning on of the computer and appendix on use of information resource or launch of information resource and until their stop;
personal data information system – set of the interconnected resources and information technologies, methods and personnel intended for storage, processing and provision of information containing personal data;
storage – accumulating of personal data on any carriers.
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.