Job descriptions of persons processing personal data. How to write personal data in the job description. Working with personal data

The document is developed by the heads of departments, after which it is approved by the director of the enterprise. The job description (hereinafter - DI) is drawn up in accordance with the regulation on the unit.

Reference! The legislation does not establish clear requirements for the preparation job description. The company can independently choose the procedure for issuing such a document.

The normative act must have a structure that determines its content:

• General provisions.
• Functions.
• Job responsibilities.
• Rights.
• A responsibility.

The document is drawn up on the standard letterhead of the enterprise, indicating all the details in the corner.

Organization details include:

1. Business name;
2. name of the type of document (job description);
3. date of signature of the document by the head;
4. registration number;
5. place of the act.

Step-by-step instructions for compiling CI

When compiling the DI, the generally accepted structure and some provisions of the document should be observed.

For security administrator

Drawing up a document begins with the corner filling in the details:

1. in the left corner you need to indicate the name of the enterprise;
2. below the name of the department;
3. in the right corner the word "APPROVE" is indicated;
4. under this word the position and personal signature of the head are indicated;
5. Below is the transcript of the signature and date.

The name of the document is written below, under it is the registration number and the place where it was created. Further, the content of the instruction is prescribed in detail, according to the above structure.

General provisions

The section should contain a description of the position - data processing security administrator, basic requirements for the employee - work experience, qualifications, special education.

General provisions regulate the procedure for replacing an employee. Be sure to include in the instructions legal documents, which should guide the security administrator in his professional activity. The IA must be drawn up in accordance with these documents. These include: the Labor Code of the Russian Federation, the Federal Law "On Personal Data" No. 152-F of July 27, 2006, company orders, orders, etc.).

Functions

This section formulates the area of ​​work and the main task of the security administrator according to the position. Functional responsibilities of this position include:

• work with employee accounts, their timely adjustment;
• control over the implementation of relevant regulatory documents on;
• maintenance of the subsystem for ensuring the integrity of information (monitoring the absence of residual information at the end of the employee's work on a personal computer (hereinafter referred to as PC), monitoring the operation of anti-virus programs, etc.);
• control over the integrity of seals, stickers on PC system units;
• control over the implementation of repair work of the PC, preventing unauthorized persons from opening;
• information during the repair, in order to avoid violation of the storage of personal data;
• development of information programs for data protection;
• informing the management about cases of unauthorized access to the network, attempts to damage or copy.

Responsibilities

The Job Responsibilities section governs the conditions that this employee must perform in the exercise of their functions, for example: to comply with the rules work schedule enterprises; comply with the established deadlines for the preparation of documentation.

Rights

The section assigns to the employee a number of rights that he can use in the performance of their duties. Here, both general rights are taken into account, for example, providing an employee with a workplace, and those that are necessary for the implementation of confidential (?).

For example: the right to participate in the permit conflict situations associated with violation information security.

A responsibility

This part of the JI clarifies the level of responsibility for failure to perform their functions and duties, referring to the Code of administrative offenses, in particular Art. 13.11 “Violations of the procedure established by law for the collection, storage, use or dissemination of information about citizens (personal data)” (you can familiarize yourself with the requirements established by the Government for their processing and protection of personal data).

Some instructions are supplemented by the "Interaction" section. This part should contain the special duties of the administrator in relation to other employees, departments of the enterprise, managers. For example, interaction with the accounting department, security service, etc. is established.

At the end of the document, fields are left to indicate the last name, first name and patronymic, the date of familiarization with the act and the signature of the employee.

For manager

The structure of the job description is the same for any position. Its compilation begins with the details in the left and right corners of the document.

General provisions

The section describes the position of the personal data processing manager (hereinafter the processing manager), basic requirements and qualification characteristics employee. The General Provisions contain information about the person who is authorized to appoint and dismiss an employee from the post of Processing Manager.

The section establishes the subordination of an employee and the procedure for replacing him. This part also indicates all the documents that the processing manager must take into account in carrying out his activities.

Functions

Section defines functional responsibilities employee in the position. The functions of the processing manager must include:

• internal control over compliance by the enterprise with the Law of the Russian Federation on personal data;
• consultation for users on issues of automated and non-automated;
• use of personal data processing;
• interaction with other bodies on issues and coordination of employees of the enterprise during the planned.

Responsibilities

This section for the processing manager should consist of information about the conditions that the employee must adhere to during their activities. Usually this compliance ethical standards behavior within the team, the timing of the preparation of current documentation, .

Rights

The instruction defines the rights that the processing manager has during the implementation work activities. The personal data processing manager has the right to: request information and Required documents employees who ensure the security of personal data.

A responsibility

The section indicates the category of responsibility that the processing manager has in case of violation of the law. Also, this part of the instruction establishes the right of the enterprise to resort to disciplinary sanctions (within the framework of Labor Code), in the event of a violation by the processing manager of his duties. At the end of the act, the employee enters his last name, first name and patronymic, puts the date and signature, which is a confirmation of his familiarization with the document.

When do you need to familiarize the employee with the document?

When hiring, the employee must be familiar with the job description. As confirmation of the action, the CI is endorsed by the employee at the end. Some enterprises duplicate the fact of familiarization in a special one.

Important! You can issue a job description as an attachment to employment contract. Its presence is mentioned at the beginning of the document, the act itself becomes mandatory for the employee from the moment the contract is signed.

The employer independently approves the structure of the job description for persons responsible for organizing the processing of personal data. It may contain one section, which will indicate general provisions and all functional duties of the employee. The main thing is to avoid congestion, duplication of text, and be based on simple concepts when drawing up an internal document.

A properly drawn up regulatory document, although it is internal, can help resolve various disputes related to the violation of the processing of personal data.

Make proposals for improving the work related to the responsibilities provided for in this instruction. 3.7. Within its competence, report to the director about the shortcomings identified in the process of execution official duties and make suggestions for their elimination. 3.8. Require the director to assist in the performance of their duties and rights. 3.9. Involve, with the permission of the director, employees of all structural divisions to solve the problems assigned to him. 3.10. Request personally or through the director information and documents necessary for the performance of their duties.

1. A responsibility

The person responsible for organizing the processing of personal data is responsible for: 4.1.

Recommendations for the preparation of documents regulating the processing of personal

Do not allow persons who do not have the appropriate rights to work with personal data. 2.10. Register appeals and requests of personal data subjects or their representatives in the Register of appeals of personal data subjects on the exercise of their legal rights when processing personal data on the exercise of their legal rights. 2.11. Provide methodological guidance to the work of security administrators and administrators of personal data information systems in the field of personal data protection.
2.12. Propose to the management measures to improve the work on the protection of personal data.

1. Rights

Responsible has the right. 3.1.

Working with personal data

For causing material damage– within the limits determined by the current labor and civil legislation Russian Federation. 5. PROCEDURE FOR REVISION OF JOB INSTRUCTIONS 5.1. The job description is reviewed, amended and supplemented as necessary, but at least once every five years. 5.2. With the order to make changes (additions) to the job description, all employees of the institution who are subject to this instruction are familiarized against receipt.

The job description was developed in accordance with the order CEO dated March 11, 2015 No. 71. AGREED Head of the Human Resources Department I.V. Gamow 03/19/2015 I am familiar with this instruction. I received one copy in my hands and undertake to keep it at my workplace.
Responsible for organizing the processing of personal data V.A.

Job descriptions: draw up and approve

After the preparation and transfer of the document in accordance with the resolution, the files of drafts and versions of the document are transferred by the employee who prepared them to labeled media intended for storing personal data. Without the consent of the head of the structural unit, the formation and storage of databases (file cabinets, file archives, etc.) containing confidential data is prohibited. The transfer of personal data is allowed only in cases established by the Federal Laws of the Russian Federation "On Personal Data", "On the Procedure for Considering Appeals of Citizens of the Russian Federation", current instructions for working with official documents and appeals of citizens, as well as on a written instruction (resolution) of higher officials persons.

Attention

The processing of personal data cannot be recognized as carried out using automation tools only on the basis that personal data are contained in the personal data information system or have been extracted from it); — general rules storage and transfer of personal data (for example, it is forbidden to leave physical media with personal data unattended in an unlocked room. All employees who constantly work in rooms where personal data is processed must be allowed to work with the relevant types of personal data. Employees working with personal data, it is forbidden to communicate them orally or in writing to anyone, unless it is caused by business necessity.

How to write personal information in a job description

Comply with the requirements of the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, the Rules for the processing of personal data and other regulatory documents in the field of processing and protecting personal data. 2.2. Bring to the attention of employees the provisions of the legislation of the Russian Federation on personal data, the Rules for the processing of personal data and other regulatory documents on the processing and requirements for the protection of personal data. 2.3. Conduct briefings and classes on the study of the legal framework for the protection of personal data with employees who have access to personal data, and keep a Log of information security briefings.

2.4. Provide advice to employees on the use of personal data protection tools. 2.5.

Important

Monitor compliance with the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, and the Rules for the processing of personal data in accordance with the Rules for the implementation of internal control over the compliance of the processing of personal data with the requirements for the protection of personal data 2.6. Carry out regular internal audits in accordance with the Internal Audit Plan for monitoring compliance with personal data processing requirements for the protection of personal data. 2.7. Participate in investigations of cases of unauthorized access to personal data and other violations of the Rules for the processing of personal data.

2.8. Compile and propose to the director for approval a list of persons and the scope of their powers who are allowed access to personal data. 2.9.

The removal of removable media of personal data for direct transfer to the addressee is carried out only with the written permission of the head of the structural unit). - the procedure for the loss or destruction of removable media of personal data (for example, the facts of the loss of removable media containing personal data, or the disclosure of the information contained in them, are immediately notified to the head of the relevant structural unit. An act is drawn up on the lost media. Appropriate notes are entered in the logs personal accounting of removable media of personal data Removable media of personal data that have become unusable, or have served the specified period, are subject to destruction.

The destruction of removable media with confidential information is carried out by an “authorized commission”.

Info

For improper performance or non-performance of their official duties provided for by this instruction, within the limits determined by the current labor law Russian Federation. 4.2. For offenses committed in the course of carrying out their activities, within the limits determined by the current administrative, criminal and civil legislation of the Russian Federation. 4.3. For causing material damage - within the limits determined by the current labor and civil legislation of the Russian Federation.

1. The procedure for reviewing the job description

This Instruction is reviewed, amended and supplemented as necessary, but at least once every five years. 5.2. With the order to make changes (additions) to this Instruction, all employees who are subject to this Instruction are familiarized against receipt.
Upon completion of the work, the user hands over the removable media for storage to an authorized employee, about which a corresponding entry is made in the accounting log. - rules for the use of removable media of personal data (for example, it is prohibited:

• store removable media with personal data along with media open information, on desktops, or leave them unattended or transfer them for storage to other persons;
• remove removable media with personal data from office premises to work with them at home, in hotels, etc.

When sending or transferring personal data to recipients, only data intended for recipients is recorded on removable media. Sending personal data to recipients on removable media is carried out in the manner established for documents for official use.
Rights of the person responsible for organizing the processing of personal data in the organization 3.1. The person responsible for organizing the processing of personal data has the right to: make decisions within their competence; require employees of the organization to comply with applicable law, as well as local regulations of the organization on personal data; control in the Service the implementation of measures aimed at ensuring the fulfillment of the obligations provided for by the Federal Law of July 27, 2006 No. 152-FZ “On Personal Data” and the regulatory legal acts adopted in accordance with it; interact with departments and other structural divisions of the organization on the processing of personal data. 4. Responsibility of the person responsible for organizing the processing of personal data in the organization 4.1.

JOB DESCRIPTION No. ____

responsible for organizing the processing of personal data

1. General provisions

1.1. This job description (hereinafter referred to as the Instruction) defines the responsibility, rights and obligations of the person responsible for organizing the processing of personal data (hereinafter referred to as the Responsible) in _______________________________________________________________ (hereinafter referred to as __________________).

1.2. This instruction has been developed in accordance with Articles 18.1, 22, 22.1 and 24 federal law dated July 27, 2006 No. 152-FZ “On Personal Data” and with clause 1 of the “List of Measures Aimed at Ensuring the Fulfillment of the Obligations Provided for by the Federal Law “On Personal Data” and regulations adopted in accordance with it, operators that are state or municipal bodies”, approved by the Decree of the Government of the Russian Federation of March 21, 2012 No. 211.

1.3. Responsible is appointed to the position from among staff members __________________ order ____________.

1.4. Regarding the processing and protection of personal data, the Responsible reports directly to _____________ __________________.

1.5. During the absence of the Responsible (vacation, illness, etc.), his duties are performed by a person appointed in in due course which acquires the relevant rights and is responsible for the proper performance of the duties assigned to it.

1.6. The person responsible in his work is guided by this Instruction, the Concept of Information Security, the Information Security Policy, other regulatory documents of __________________, guidelines and regulatory documents of the regulators of the Russian Federation in the field of ensuring the security of personal data.

1. Job Responsibilities

Responsible must:

2.1. Comply with the requirements of the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, the Rules for the processing of personal data and other regulatory documents __________________ in the field of processing and protecting personal data.

2.2. Bring to the attention of employees of __________________ the provisions of the legislation of the Russian Federation on personal data, the Rules for the processing of personal data and other regulatory documents __________________ on the processing and requirements for the protection of personal data.

2.3. Conduct briefings and classes on the study of the legal framework for the protection of personal data with employees of __________________ who have access to personal data, and keep a Log of information security briefings.

2.4. Provide advice to employees on the use of personal data protection tools.

2.5. Monitor compliance in __________________ with the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, and the Rules for the processing of personal data in accordance with the Rules for the implementation of internal control over the compliance of the processing of personal data with the requirements for the protection of personal data

2.6. Carry out regular internal audits in accordance with the Internal Audit Plan for monitoring compliance with personal data processing requirements for the protection of personal data.

2.7. Participate in investigations of cases of unauthorized access to personal data and other violations of the Rules for the processing of personal data.

2.8. Compile and propose for approval to the director __________________ a list of persons and the scope of their powers who are allowed access to personal data.

2.9. Do not allow persons who do not have the appropriate rights to work with personal data.

2.10. Register appeals and requests of personal data subjects or their representatives in the Register of appeals of personal data subjects on the exercise of their legal rights when processing personal data on the exercise of their legal rights.

2.11. Provide methodological guidance to the work of security administrators and administrators of personal data information systems in the field of personal data protection.

2.12. Propose to the management measures to improve the work on the protection of personal data.

1. Rights

Responsible has the right.

3.1. Require employees __________________ to comply with the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, the Rules for the processing of personal data and other regulatory documents __________________ in the field of processing and protecting personal data.

3.2. Prohibit employees __________________ access to personal data in order to prevent unauthorized access to protected information.

3.3. Conduct an investigation into cases of unauthorized access to personal data and other cases of violation of the mode of processing personal data.

3.4. Make suggestions for application disciplinary action to employees of __________________ who violated the requirements of the Rules for the processing of personal data and other regulatory documents of __________________ in the field of processing and protecting personal data.

3.5. Get acquainted with the design decisions of the management regarding its activities.

3.6. Make proposals for improving the work related to the responsibilities provided for in this instruction.

3.7. Within its competence, report to the director __________________ about the shortcomings identified in the course of the performance of official duties, and make proposals for their elimination.

3.8. Require director __________________ to assist in the performance of their duties and rights.

3.9. To involve, with the permission of the director __________________, employees of all structural divisions in solving the tasks assigned to him.

3.10. Request personally or through the director __________________ information and documents necessary for the performance of their duties.

1. A responsibility

The person responsible for organizing the processing of personal data is responsible for:

4.1. For improper performance or non-performance of their official duties provided for by this instruction, to the extent determined by the current labor legislation of the Russian Federation.

4.2. For offenses committed in the course of carrying out their activities, within the limits determined by the current administrative, criminal and civil legislation of the Russian Federation.

4.3. For causing material damage - within the limits determined by the current labor and civil legislation of the Russian Federation.

1. The procedure for reviewing the job description

5.1. This Instruction is reviewed, amended and supplemented as necessary, but at least once every five years.

5.2. With the order to make changes (additions) to this Instruction, all employees of __________________ who are subject to this Instruction are familiarized against receipt.

The person responsible for organizing the processing of personal data is an employee of the organization who is responsible for complying with the rules for working with personal information. This article will tell about the requirements of the legislation to the person responsible for organizing the processing of personal data.

Requirements for the person responsible for organizing the processing of personal data

According to the requirements of Article 22.1 of the Law “On Personal Data” dated July 27, 2006 No. 152-FZ, an organization that works with personal information of citizens (its employees, customers and other persons) is obliged to appoint a person responsible for organizing the processing of personal data. At the same time, an exact indication of which executive organizations can be appointed responsible, the norms of Federal Law No. 152 do not contain. In practice, most often this is assigned to an employee leading personnel office work in the organization or work with the clients of the company.

By virtue of part 2 of article 22.1 of the Federal Law No. 152, the responsible officer is accountable only to the management of the organization (director or other executive body). This means that in order to avoid violations of subordination in the organization, it is recommended to appoint a responsible employee from among the leaders, and not from the rank and file.

Part 4 of Article 22.1 of Federal Law No. 152 imposes the following duties on the person responsible for organizing the processing of personal data:

Don't know your rights?

1. Conduct briefings with employees of the organization on compliance with the law and internal documents companies regarding the processing of personal data.
2. Monitor compliance with the technical and administrative measures taken by the organization to protect personal data (check the safety and procedure for filling in personal data carriers, the conditions and procedure for accessing them, etc.).
3. Organize the work of receiving and processing applications received by the organization both from citizens and from control and supervisory authorities.

It should be remembered that this list is not exhaustive, therefore, other responsibilities may also be assigned to the responsible person, for example:

• develop or participate in the development of internal documents on the protection of personal data;
• carry out accounting of information carriers and issue permits to them.

Documents relating to the person responsible for organizing the processing of personal data (order, job description)

The appointment of a responsible person is carried out by issuing an appropriate order for the organization. It is important to emphasize that the order must indicate not only the position of the employee, but also his initials. Accordingly, if such an employee is replaced, it will be necessary to make changes to the order or prepare a new order with the data of the new employee.

Download order form

At the same time, the rights, duties and powers of an employee are not reflected in the order on his appointment, but in the regulation on the processing of personal data in the organization and his job description. The norms of the Labor Code of the Russian Federation do not contain special requirements for job descriptions of employees, however, due to the requirements of Part 2 of Article 152 of Federal Law No. 152, such documentation must be approved by a separate order (order) of the organization.

Practitioners need to remember that from July 1, 2017, the amendments made to Article 13.11 of the Code of Administrative Offenses came into force, which significantly increased administrative liability for violations committed when working with personal data in an organization. This means that the activities of the responsible person and the preparation of the documentation necessary for his work (order, job description) should be treated with all due care. The entire process of compliance with the legislation on personal data of citizens largely depends on the accuracy and consistency of the work of the responsible person, the exact implementation of which will save the company from significant penalties.

T.Yu. Morzhina I APPROVE Principal of the Secondary School No. 66 N.A. Sofronova "" 20. INSTRUCTION RESPONSIBLE FOR ORGANIZING THE PROCESSING OF PERSONAL DATA in the municipal budgetary educational institution of the city of Ulyanovsk "Secondary school No. 66" 1.1. This instruction of the person responsible for organizing the processing of personal data (hereinafter referred to as the Instruction) is guidance document responsible for organizing the processing of personal data (hereinafter referred to as PD) in information systems personal data (hereinafter referred to as ISPD), as well as without the use of automation tools that ensure the security of information in accordance with the requirements of regulatory documents Federal Service for technical and expert control (FSTEC of Russia), the Federal Security Service of the Russian Federation and organizational and administrative documentation, as well as the continuous functioning of all elements of ISPD.

Instructions of the person responsible for organizing the processing of personal data

• monitor the timely implementation of the necessary routine work to ensure the security of PD during their processing in ISPD in order to keep the information security system up to date;
• monitor the maintenance of the information protection system used in Secondary School No. 66 up to date (timely development, correction and reissue of documents, study and monitoring regulatory framework on PD protection) and prepare proposals for its improvement;
• take part in the implementation of internal control over the compliance of PD processing with the requirements for the protection of PD in Secondary School No. 66;
• keep a log of training and instructing users, provided for in Appendix No. 1 to the Instruction.

Job description of the person responsible for the processing of personal data

Do not allow persons who do not have the appropriate rights to work with personal data. 2.10. Register appeals and requests of personal data subjects or their representatives in the Register of appeals of personal data subjects on the exercise of their legal rights when processing personal data on the exercise of their legal rights. 2.11. Provide methodological guidance to the work of security administrators and administrators of personal data information systems in the field of personal data protection.

2.12. Propose to the management measures to improve the work on the protection of personal data.

1. Rights

Responsible has the right. 3.1.

Job description of the person responsible for the processing of personal data at school

Administration of Shakhovsky rural settlement with a proposal to suspend the process of processing personal data or remove the user from work in cases of violation of the established technology for processing personal data or violation of the confidentiality regime; - to give their proposals for improving the organizational, technological and technical measures for the protection of personal data in the Administration of the Shakhovsky rural settlement. 4. Responsibility of the person responsible for organizing the processing of personal data of the administration of the Shakhovsky rural settlement .

Job description of the person responsible for ensuring the security of personal data

For improper performance or non-performance of their official duties provided for by this instruction, to the extent determined by the current labor legislation of the Russian Federation. 4.2. For offenses committed in the course of carrying out their activities, within the limits determined by the current administrative, criminal and civil legislation of the Russian Federation. 4.3. For causing material damage - within the limits determined by the current labor and civil legislation of the Russian Federation.

1. The procedure for reviewing the job description

5.1.
This Instruction is reviewed, amended and supplemented as necessary, but at least once every five years. 5.2. With the order to make changes (additions) to this Instruction, all employees who are subject to this Instruction are familiarized against receipt.

Job description of the person responsible for the processing of personal data

Lvov10.01.2015 Job description No. 86 responsible for organizing the processing of personal data Moscow 01.10.2015 1. GENERAL PROVISIONS 1.1. This job description defines the functional duties, rights and responsibilities of the employee responsible for organizing the processing of personal data of the State budget institution(hereinafter - GBU). 1.2. The person responsible for organizing the processing of personal data (hereinafter - the Responsible) is appointed to the position from among the full-time employees of the institution by order of the head of the institution.

1.3. The person responsible for the processing of personal data reports directly to the head of the institution. 1.4. The person responsible for organizing the processing of personal data must be aware of the laws and other regulations governing the processing of personal data. 1.7.

Job description of the person responsible for organizing the processing of personal data at school

Important

Request personally or through the immediate supervisor information and documents necessary for the performance of their duties. 3.10. To involve, with the permission of the management, employees of all (individual) structural divisions in solving the tasks assigned to him. 4. RESPONSIBILITY The person responsible for organizing the processing of personal data is responsible for: 4.1.

For improper performance or non-performance of their official duties provided for by this job description, to the extent determined by the current labor legislation of the Russian Federation. 4.2. For offenses committed in the course of carrying out their activities, within the limits determined by the current administrative, criminal and civil legislation of the Russian Federation. 4.3.

Job description of the person responsible for organizing the processing of personal data in the state

• Organize the work of receiving and processing applications received by the organization both from citizens and from control and supervisory authorities.
It should be remembered that this list is not exhaustive, therefore, other responsibilities may also be assigned to the responsible person, for example:

• develop or participate in the development of internal documents on the protection of personal data;
• carry out accounting of information carriers and issue permits to them.

Documents relating to the person responsible for organizing the processing of personal data (order, job description) The appointment of a responsible person is carried out by issuing an appropriate order for the organization. It is important to emphasize that the order must indicate not only the position of the employee, but also his initials.

Job description of the person responsible for organizing the processing of personal data

The person responsible for organizing the processing of personal data is an employee of the organization who is responsible for complying with the rules for working with personal information. This article will tell about the requirements of the legislation to the person responsible for organizing the processing of personal data. Requirements for the person responsible for organizing the processing of personal data Documents relating to the person responsible for organizing the processing of personal data (order, job description) Requirements for the person responsible for organizing the processing of personal data an organization that works with personal information of citizens (its employees, customers and other persons) is obliged to appoint a person responsible for organizing the processing of personal data.

Sample job description of the person responsible for organizing the processing of personal data

Here you can find typical job descriptions for various specialties. Our bank of job descriptions includes more than 2500 different documents. These job descriptions were compiled and edited in 2015, which means they are relevant today.

From this article you will learn:

• what duties, powers and rights reflect the job description of the person responsible for organizing the processing of personal data;
• what provisions are contained in the standard job description of the person responsible for organizing the processing of personal data;
• for which areas of work under this job description is responsible this specialist in your organization.

Read more about job descriptions here: Society with limited liability Alfa APPROVEDGeneral Director A.V.

Job description of those responsible for the processing of personal data

Make proposals for improving the work related to the responsibilities provided for in this instruction. 3.7. Within its competence, report to the director about the shortcomings identified in the course of the performance of official duties, and make proposals for their elimination. 3.8. Require the director to assist in the performance of their duties and rights.
3.9. To involve, with the permission of the director, employees of all structural divisions in solving the tasks assigned to him. 3.10. Request personally or through the director information and documents necessary for the performance of their duties.

1. A responsibility

The person responsible for organizing the processing of personal data is responsible for: 4.1.

Brings to the attention of employees of Secondary School No. 66, who have access to PD, the provisions and requirements of regulatory and legal acts on the organization of the processing of personal data, including the provisions of the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data"; Decree of the Government of the Russian Federation of November 1, 2012 No. 1119 “On approval of requirements for the protection of personal data during their processing in personal data information systems”; Decree of the Government of the Russian Federation of September 15, 2008 No. 687 “On Approval of the Regulations on the Features of the Processing of Personal Data Carried Out Without the Use of Automation Tools”. 2.3. Ensures that employees comply with the instructions, orders, regulations and other documents adopted at Secondary School No. 66 on the protection of personal data. 3. Rights and obligations of the person responsible for organizing the processing of personal data 3.1.