Financial Crime World

Here is the converted article in Markdown format:

Armenia’s Data Protection Authority Ensures Adequate Protection

Introduction

The Armenian government has taken measures to ensure the adequate protection of personal data in accordance with international standards. A recent amendment to the Personal Data Law requires processors of personal data to obtain permission from the authorized body prior to transferring data to another country.

Prior Permission for International Data Transfers

Processors must specify in their application the country where the data is being transferred, the description of the recipient, the content of the data, and the purpose of processing and transferring the data. The authorized body has 30 days to review the application and may request additional information if necessary.

List of Countries with Adequate Data Protection

The Armenian government has established a list of countries that ensure an adequate level of protection for personal data. Personal data can be transferred to these countries without requiring consent from individuals, provided that contractual safeguards are in place.

Security Measures

Processors must secure the confidentiality of personal data by using encryption keys and ensuring the protection of information systems containing personal data against accidental loss, unauthorized access, or other interference.

Breach Notification and Remediation

In case of a breach of data processing, processors must notify the data subject or their representative within three working days and take necessary measures to eliminate the violation. The law also requires processors to retain personal data only for as long as it is proportionate to the purpose of such retention.

Individual Rights

Individuals have the right to information about their personal data, the right to access their data, and the right to request rectification or destruction of their data if it is not complete, accurate, or has been obtained unlawfully. They also have the right to withdraw their consent for data processing at any time.

Penalties for Violations

The Armenian government has established penalties for violations of the Personal Data Law, including fines ranging from 100 to 500 times the minimum wage.

Key Takeaways

  • Processors must obtain permission from the authorized body prior to transferring personal data to another country.
  • The list of countries that ensure an adequate level of protection for personal data has been established.
  • Processors must secure the confidentiality of personal data and protect information systems containing personal data against interference.
  • Individuals have the right to information, access, rectification, and destruction of their personal data.
  • Violations of the Personal Data Law are subject to penalties.

Sources

  • Code on Administrative Violations
  • Personal Data Law