How to organize the storage of personal data?

D

Dimas1232014-06-03 13:24:08

Law in IT

Dimas123, 2014-06-03 13:24:08

The organization needs a volunteer registration site.
It is necessary that volunteers indicate their full name, passport details, TIN and so on.
How can this be done legally?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

V

v_prom, 2014-06-03
@v_prom

and do not forget to check the box "I agree to the storage and use of my personal data"

M

Mikhail Alekseev, 2014-06-03
@Fandorin

Participated in the development of such a system (Volunteer Management), solved the problem of dividing personal data into two databases: in the first - full name + ID, in the second - other data + ID.
Of course, you need to use https, and you can also encrypt data at the database level.

A

Andrew, 2014-06-03
@OLS

https + Consent of an individual to the processing of personal data (out of 8 mandatory points in accordance with 152-FZ) + The policy for ensuring the security of personal data must be posted on the site.
It is desirable to store the database on the territory of the company, and send the data immediately from the site and not store it on it. So it is much easier to fulfill the requirements of Order No. 21 of the FSTEC, which is currently in force in this area.