The Information and Data Protection Commissioner and the Secretariat of the Investment Council, in cooperation with the Albanian Association of Foreign Investors (FIAA), organized a roundtable dialogue with the business community on awareness of the rights and obligations arising from Law No. 124/2024 “On the Protection of Personal Data”.

During his speech, the Information and Data Protection Commissioner, Mr. Besnik Dervishi, emphasized that this law has a wide impact on businesses, as it defines a series of innovations regarding the obligations for the processing of personal data. He emphasized the need for businesses to develop internal data protection policies in a timely manner and to adapt their practices in accordance with the new regulations. “The innovations of the new law dictate us towards a new spirit, towards a new approach, therefore it is very necessary that the law is understood and implemented in the right way by everyone and for this you will have all the cooperation from our side, hoping and wishing for the establishment of a loyal institutional partnership”, said Mr. Dervishi.

Next, Mr. Balazs Revesz, President of FIAA, assessed the importance of this dialogue as a valuable opportunity to address the challenges and responsibilities that businesses will have in the framework of the implementation of the new law. He emphasized that transparency and clarity in the interpretation of legal provisions are essential, while businesses, especially those that process high volumes of data, should invest in more secure systems and improve their risk management capacities. Revesz underlined the role of public institutions and business organizations in providing specialized instructions and training for compliance with the law.

During the open discussion, business representatives shared their concerns and opinions on the practical challenges of implementing the law, highlighting the need for clarity on their legal roles and responsibilities. They raised issues regarding the additional costs that enforcement of the law may create, the resources needed to ensure compliance, and the challenges in managing sensitive data. They also requested more guidance on specific procedures for reporting breaches, data retention obligations, and audit and oversight mechanisms. The Commissioner’s Office expressed its commitment to developing trainings with businesses to help increase understanding of the legal changes, as well as to preparing all necessary guidance on the implementation of the new law on the protection of personal data.