English Eesti

individual participation and access

isiku osalus ja juurdepääs

ISO/IEC 27018, 29100 jt nõue:
isikuandmesubjekt peab saama
- autenditava juurdepääsu
oma isikutuvastusteabele
(kui seda ei keela kohaldatav õigusakt) ning
- võimaluse parandada ja kõrvaldada
vigaseid või puudulikke andmeid
For a PII controller, adhering to the
individual participation and access principle means:
- giving PII principals with the ability to access and review their PII, provided that they are first authenticated
with an appropriate level of assurance (see Table A-1)
and such access is not prohibited by applicable law,
- allowing PII principals to challenge the accuracy and completeness of the PII and have it amended, corrected
or removed as appropriate and possible in the specific context,
- providing any amendment, correction or removal to PII processors and third parties to whom personal data
had been disclosed, where they are known, and
- establishing procedures to enable PII principals to exercise these rights in a simple, fast and efficient way, which do not
entail undue delay or cost nor any profit for the PII controller.