RHRPA "Belarusian Helsinki Committee" draws public attention to necessity to take effective measures to protect personal data. First of all, Belarus needs a corresponding law to be passed, which would stipulate the following positions.
- Definition of personal data. Any information which makes it possible to identify a certain individual, should be classified as personal data;
- Principles of protection of personal data;
- Rights of personal data carriers which should also include the right of individual to obtain information about who, when, and what for applied for her information;
- Responsibilities of personal data processor, including the obligation to ensure safe retention of personal data;
- Purpose of personal data retention;
- Terms of personal data retention. Personal data should be retained for the term which is necessary to achieve the purpose of the retention of personal data, and should be destroyed at the expiration of the specified term;
- Procedure of the use of personal data. The procedure should be clearly regulated, which would enable to record who, when, and what for accessed personal data;
- Independent body which would be responsible for the control over circulation of personal data;
- Responsibility for the violation of legislation on personal data protection;
Moreover, following the example of European countries, an effective mechanism of control over the use of personal data of individuals should be created.