For more information, please visit https://www.lexing.law/avocat/anne-renard/
Anne Renard
Recognized in Best Lawyers since 2023 Awarded Practice Areas
Information Technology Law Privacy and Data Security Law
Awarded Practice Areas
Information Technology Law Privacy and Data Security Law
Biography
Locations
Languages
- English
- French
Client Testimonials
Awards & Focus
Recognized in The Best Lawyers in France™ 2027 for work in:
- Information Technology Law
- Privacy and Data Security Law
Q&A
Over the past two years, the firm assisted, under the head of Alain Bensoussan and Anne Renard, a large number of cities neighbouring Paris to become compliant with the General Data Protection Regulation (GDPR).
In 2021, the firm became the outsourced DPO of the following cities: Gennevilliers, Puteaux, Rosny sous-bois, Saint-Ouen, Bussy Saint-Georges, Aulnay-sous-Bois, Gennevilliers, Villejuif, Villeneuve la Garenne, La Courneuve, La Garenne Colombes, Rosny sous-Bois, Saint-Ouen, Villepinte.
It is also the outsourced DPO of the Conseil régional île de France
There are a number of provisions that are specifically relevant for the public sector. Municipalities, local authorities and public agencies must act in a proactive way in order to secure permanent compliance.
Furthermore, each of them must be able to demonstrate at any moment that it carries out its processing of personal data in accordance with the requirements of the GDPR.
Local authorities process a lot of personal data, whether it is to manage the public services (civil status, school registrations, electoral lists, etc.), human resources or security of their premises (access control by badge, video surveillance). For this reason, the GDPR introduces a duty for public authorities or bodies to appoint a data protection officer (DPO), whether internally if they have the necessary resources or externally.
Each controller shall maintain a record of processing activities under its responsibility. In addition, where a type of processing is likely to create a high risk for the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an impact assessment (AIPD). This is the case, for example, for professional alert systems or certain application processes that determine if you're eligible or not to social housing.
In order to support local authorities in their compliance with the GDPR, the CNIL has published a "GDPR awareness guide for local authorities". The sharpness of GDPR enforcement in the public sector is a trend that will only grow stronger with the digital transformation of public policy.
In this context, compliance with data protection rules is a factor of transparency and trust with regard to citizens and agents, who are increasingly sensitive to the protection of their data
In 2021, the firm became the outsourced DPO of the following cities: Gennevilliers, Puteaux, Rosny sous-bois, Saint-Ouen, Bussy Saint-Georges, Aulnay-sous-Bois, Gennevilliers, Villejuif, Villeneuve la Garenne, La Courneuve, La Garenne Colombes, Rosny sous-Bois, Saint-Ouen, Villepinte.
It is also the outsourced DPO of the Conseil régional île de France
There are a number of provisions that are specifically relevant for the public sector. Municipalities, local authorities and public agencies must act in a proactive way in order to secure permanent compliance.
Furthermore, each of them must be able to demonstrate at any moment that it carries out its processing of personal data in accordance with the requirements of the GDPR.
Local authorities process a lot of personal data, whether it is to manage the public services (civil status, school registrations, electoral lists, etc.), human resources or security of their premises (access control by badge, video surveillance). For this reason, the GDPR introduces a duty for public authorities or bodies to appoint a data protection officer (DPO), whether internally if they have the necessary resources or externally.
Each controller shall maintain a record of processing activities under its responsibility. In addition, where a type of processing is likely to create a high risk for the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an impact assessment (AIPD). This is the case, for example, for professional alert systems or certain application processes that determine if you're eligible or not to social housing.
In order to support local authorities in their compliance with the GDPR, the CNIL has published a "GDPR awareness guide for local authorities". The sharpness of GDPR enforcement in the public sector is a trend that will only grow stronger with the digital transformation of public policy.
In this context, compliance with data protection rules is a factor of transparency and trust with regard to citizens and agents, who are increasingly sensitive to the protection of their data
Your browser is not fully compatible with our automatic printer friendly formatting.
Please use the print button to print this profile page.
