archiving documents in electronic format



Similar documents
ACT. of 15 March 2002

OBJECTS AND REASONS

LAW FOR THE ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE

Decree Law No. ( ) of 2011 on Electronic Transactions Law

on Electronic Signature and change to some other laws (Electronic Signature Act) The Parliament has hereby agreed on this Act of the Czech Republic:

Authorisation Requirements and Standards for Debt Management Firms

Trading Rules of the Georgian Stock Exchange

1 L.R.O Electronic Transactions CAP. 308B ELECTRONIC TRANSACTIONS

REPUBLIC OF LITHUANIA. LAW ON ELECTRONIC SIGNATURE

Business Associate Agreement

LAWS OF MALAYSIA. Act 680 ELECTRONIC GOVERNMENT ACTIVITIES ACT 2007 ARRANGEMENT OF SECTIONS PART I PRELIMINARY PART II

Electronic Documents Law

Law of Georgia On Normative Acts

SUBSIDIARY LEGISLATION MOTOR VEHICLES INSURANCE REGULATIONS

CONTENT OF THE AUDIT LAW

Act on Insurance Mediation and Reinsurance Mediation

Business Associate Agreement Involving the Access to Protected Health Information

ACT ON ELECTRONIC SIGNATURES AND CERTIFICATION BUSINESS Act No. 102 of May 31 of 2000

HIPAA BUSINESS ASSOCIATE AGREEMENT

THE REGULATION OF INTERCEPTION OF COMMUNICATIONS BILL, 2007 ARRANGEMENT OF CLAUSES. PART I - PRELIMINARY

KAZAKHSTAN STOCK EXCHANGE

LAWS OF BRUNEI CHAPTER 194 COMPUTER MISUSE ACT

CHAPTER 116. C.12A:12-1 Short title. 1. This act shall be known and may be cited as the "Uniform Electronic Transactions Act."

A BILL for AN ACT. Serial 270 Volatile Substance Abuse Prevention Bill 2004 Ms Scrymgour

Official Journal of RS, No. 86/2006 of REGULATION

THE REPUBLIC OF ARMENIA LAW ON ACCOUNTING CHAPTER 1 GENERAL PROVISIONS

SHARE TRADING POLICY

AUDIT ACT Revised Edition CAP

BROKERAGE AGREEMENT. THIS AGREEMENT is made on BETWEEN:

CHAPTER I General Provisions

Identity Cards Act 2006

Crimes (Computer Hacking)

SAMPLE BUSINESS ASSOCIATE AGREEMENT

PRAKAS On Clearing System of Settlement Payment 3

Federal law on certification services in the area of the electronic signature

Act on Regulation of Transmission of Specified Electronic Mail ( Act No. 26 of April 17, 2002)

CZECH REPUBLIC ACT ON BONDS

HIPAA BUSINESS ASSOCIATE AGREEMENT

Casino, Liquor and Gaming Control Authority Act 2007 No 91

NASAA Recordkeeping Requirements For Investment Advisers Model Rule 203(a)-2 Adopted 9/3/87, amended 5/3/99, 4/18/04, 9/11/05; Amended 9/11/2011

UNOFFICIAL CONSOLIDATION AND TRANSLATION OF LAWS 128(I) OF 2009 AND 52(I) OF 2010 THE PAYMENT SERVICES LAWS OF 2009 TO 2010

SUTLEJ TEXTILES AND INDUSTRIES LIMITED DOCUMENT PRESERVATION AND RETENTION POLICY

4. Laying of orders and regulations before Houses of Oireachtas.

Overview Software Assurance is an annual subscription that includes: Technical Support, Maintenance and Software Upgrades.

Qualified Electronic Signatures Act (SFS 2000:832)

POLICY ON PRESERVATION OF DOCUMENTS

27 July 2006 No.152-FZ RUSSIAN FEDERATION FEDERAL LAW PERSONAL DATA. (as amended by Federal Law of No.266-FZ) Chapter 1.

SMDG-Interchange EDI - Understanding

ELECTRONIC COMMERCE AND ELECTRONIC SIGNATURE ACT (ZEPEP-UPB1) (Official consolidated text)

Personal Data Protection LAWS OF MALAYSIA. Act 709 PERSONAL DATA PROTECTION ACT 2010

Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)

CHAPTER 124B COMPUTER MISUSE

Merchants and Trade - Act No 28/2001 on electronic signatures

NATIONAL BANK OF ROMANIA. REGULATION No.17/2012 regarding certain conditions on granting loans

TC TrustCenter GmbH Time-Stamp Practice and Disclosure Statement

Property Management Services Bill. Contents

Chapter I. 1. Purpose. 2. Your Representations. 3. Cancellations. 4. Mandatory Administrative Proceeding. dotversicherung-registry GmbH

IMPORTANT NOTICES: Your duty, however, does not require disclosure of matter:

Chapter 3 Financial Year

Share Trading Policy. Ecosave Holdings Limited ACN Revision 1: 4 July /v2

REGULATION (EEC) No 2309/93

HIPAA BUSINESS ASSOCIATE AGREEMENT

BUSINESS TERMS AND CONDITIONS FOR USE OF MONKEYDATA SERVICE

STATUTE CENTRAL SECURITIES DEPOSITORY AND CLEARING HOUSE. ("RS Official Gazette", No. 113/2006) I BASIC PROVISIONS. Article 1

Authentication of Documents/Use of Professional Stamps

CHAPTER 7.08 MOTOR VEHICLES INSURANCE (THIRD-PARTY RISKS) ACT MOTOR VEHICLES INSURANCE

TERMS OF USE FOR PUBLIC LAW CORPORATION PERSONAL CERTIFICATES FOR QUALIFIED DIGITAL SIGNATURE

Guidelines on classification of own funds

Authentication of Documents. Use of Professional Seals

ELECTRICITY SUPPLY/ TRADE LICENSE KORLEA INVEST A.S

TITLE 1 INTRODUCTORY PROVISIONS. Chapter 1.1 Definitions and scope

ELECTRONIC TRANSACTIONS LAW N0 (85) OF Article (1)

INSURANCE INTERMEDIARIES (GENERAL BUSINESS) ACT 1996 (As it has effect at 1st June 1999)

PerfectForms End-User License Agreement

ACT. of 22 May on insurance mediation 1. Chapter 1. General Provisions

Part 16. Non-Hong Kong Companies

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO

MISSOURI HIGHWAYS AND TRANSPORTATION COMMISSION ELECTRONIC SIGNATURE AGREEMENT

TERMS OF USE TITLE CERTIFICATES FOR ELECTRONIC SIGNATURE

Ericsson Group Certificate Value Statement

LAW ON THE PROTECTOR OF HUMAN RIGHTS AND FREEDOMS

The Electronic Transactions Act, Chapter I Preliminary Provisions Title and commencement. Interpretation

Guidelines on Data Protection. Draft. Version 3.1. Published by

University of Sunderland Business Assurance Information Security Policy

Article 1. Article 2. The legislation shall mean this Law and the by-laws relating to the compliance with this Law.

Transcription:

LAW No. 135 of May 15 th 2007 on archiving documents in electronic format ISSUER: THE PARLIAMENT OF ROMANIA PUBLISHED WITH: THE OFFICIAL GAZETTE NO. 345 of May 22 nd 2007 The Parliament of Romania passes this law. CHAP. 1 GENERAL PROVISIONS ART. 1 This law regulates the generation, storage, access and use of electronic documents archived or that are to be archived in electronic archives. ART. 2 The archiving processing of electronic documents is performed in compliance with the provisions under the National Archives Law no. 16/1996, as further amended and supplemented, as well as with the regulations in force on the storage, access and security of public or private information. CHAP. 2 - DEFINITIONS ART. 3 For the purposes of this law, the terms and notions below shall be understood as follows: 1. a) electronic archives administrator natural or legal person accredited by the specialized regulatory and monitoring authority to administer the electronic archiving system and the documents archived in the electronic archives; 2. b) electronic archives the electronic archiving system, along with all archived electronic documents; 3. c) electronic archiving services provider any and all natural or legal persons, accredited to provide electronic archiving services; 4. d) storage medium any and all media allowing for the writing or reproducing of

electronic documents; 5. e) electronic message electronic document including identification data on the sender, receiver, as well as on the sending time, created in order to remotely send information using electronic means; 6. f) document access terms the access level allowed by the holder of the right to dispose of the document; 7. g) electronic archiving system electronic IT system dedicated to the collection, storage, organization and categorizing of electronic documents in order to store, access and edit them; 8. h) holder of the right to dispose of the document natural or legal person owner or, as the case may be, issuer of the document, entitled to set and change the document access terms, according to the laws in force. CAP. 3 PROVISION OF ELECTRONIC DOCUMENTS ARCHIVING SERVICES ART. 4 Any and all individual or legal persons are entitled to submit electronic documents for storage in electronic archives, according to the provisions under this law. ART. 5 The provision of electronic archiving services is not subject to prior authorization and is carried out according to the principles of free and loyal competition, in compliance with the regulations in force. ART. 6 1. (1) 30 days prior to the commencement of electronic documents archiving operations, the parties intending to supply electronic archiving services are bound to inform the specialized regulatory and monitoring authority on the commencement date of such operations. 2. (2) Once the notification stipulated under paragraph (1) is sent, the electronic archives administrator is bound to communicate to the specialized regulatory and monitoring

authority all information related to the security and preservation procedure employed, as well as on any and all information requested by the specialized regulatory and monitoring authority. 3. (3) The electronic archives administrator shall be bound to inform the specialized regulatory and monitoring authority, at least 10 days in advance, on any and all intentions to change the security and storage procedures, indicating the date and time on which the modification is to be implemented. The administrator shall also be bound to confirm the respective modification, within 24 hours. 4. (4) In emergency situations, where the security of archiving services is affected, the electronic archives administrator may modify the security and storage procedure, informing the specialized monitoring and regulatory authority, within 24 hours, on the changes performed and the grounds of the decision made. 5. (5) The electronic archives administrator shall be bound to observe, in the performance of its activity, the security and storage procedures declared according to para. (2) - (4). CAP. 4 GENERATION OF ELECTRONIC ARCHIVES ART. 7 The inclusion of electronic documents in electronic archives is subject to the observance of the following requirements: 1. a) the electronic documents shall be signed using the electronic signature of the holder of the right to dispose of the document, hereinafter referred to as electronic signature; 2. b) the electronic signature of the holder of the right to dispose of the document shall be valid; 3. c) the submission of the encryption and decryption key for all encrypted documents subject to the National Archives Laws no. 16/1996, as further amended and supplemented; 4. d) transmission of information stipulated under art. 8 para. (2).

ART. 8 1. (1) The electronic document compliant with the provisions under art. 7 shall be electronically signed by the electronic archives administrator, using an electronic signature that shall also attest the value of the respective document as an original or copy, according to the decision of the right to dispose of the document. The electronic document thus identified shall be stored in the location set by the electronic archives administrator. 2. (2) The electronic archives administrator shall attach, for each archived electronic document, an electronic sheet, including the following information: 1. a) the owner of the electronic document; 2. b) the issuer of the electronic document; 3. c) the holder of the right to dispose of the document; 4. d) the history of the electronic document; 5. e) the type of electronic document; 6. f) the classification level of the electronic document; 7. g) the digital format the electronic document is archived in; 8. h) the key words required for the identification of the electronic document; 9. i) physical storage medium localization elements; 10. j) sole identifier of the electronic document within the electronic archives; 11. k) document's issue date; 12. l) archiving date; 13. m) document s maintenance term. 3. (3) If the electronic document was generated through the transfer of information from analog to a digital support, the sheet shall include the following additional information: 1. a) references to the owner of the original and the location of the original; 2. b) transfer method used; 3. c) hardware used; 4. d) software used.

ART. 9 1. (1) The electronic archives administrator shall be bound to register and maintain the records of all electronic documents in the electronic archives, in an electronic register. 2. (2) The electronic archives register shall be accessible for the public only for the documents for which the holder of the right to dispose of the document has set the public access option. 3. (3) The reference in the archives register to a classified document can be obtained depending on the applicant s access rights. ART. 10 1. (1) The electronic archives administrator shall hold the financial resources required to cover the prejudice that could incur in the performance of the electronic archiving operations. The protection method shall be set through a decision of the specialized regulatory and supervision authority. 2. (2) If the electronic archives include or shall include classified documents, the electronic archives administrator shall observe the legal conditions on the protection of classified information. ART. 11 The sheet accompanying the document shall be archived separately from the document and recorded in the electronic archives register. If the sheet refers to a classified document, the register reference shall be encrypted.

CAP. 5 ELECTRONIC ARCHIVES STORAGE ART. 12 1. (1) The electronic archives administrator is bound to maintain the source code of all software used in the development and use of electronic archives, in electronically signed and classified files, as the case may be. 2.(2) The electronic archives administrator is bound to submit with the National Archives a copy of the code source of any and all software used in the development and use of the electronic archives. 3. (3) If the electronic archives administrator does not the source code, the provisions under para. (1) and (2) shall apply for the exe source code. ART. 13 1. (1) The electronic archives administrator shall be bound to provide maintenance and software allowing for the conversion of any and all electronic documents, archived in the format in which it was generated, into a format allowing for viewing, reproduction and storage of the respective document, according to the commonly used technologies. 2.(2) If a document generated in a format that cannot be identified by the products in the algorithms and software library is archived, the electronic archives administrator shall be bound to add in the library a description of the format thereof upon archiving, as well as the software with which the document was generated and can be viewed. CAP. 6 ACCESSING ELECTRONIC ARCHIVES ART. 14 1. (1) The electronic documents access conditions, as well as the editing thereof shall be exclusively set by the holder of the right to dispose of the document, through an act, to be signed both by the holder of the right to dispose of the document, and by the electronic archives administrator.

2. (2) The electronic document access conditions, set according to paragraph (1), shall be included in the document s electronic sheet, and the act setting these conditions, electronically generated or converted into electronic format, shall be attached to the archived document. 3. (3) The electronic archives' administrator is bound to observe the document access conditions, set according to para. (1), both upon archiving and upon the granting of access to the electronic document in the archives. 4. (4) The liability for setting the access conditions to an electronic document exclusively rests with the holder of the right to dispose of the document, and the liability for the observance of the electronic document access conditions, both upon archiving and upon the granting of the right to access the document, rests with the electronic archives administrator. ART. 15 The electronic archives administrator shall ensure the permanent or upon request access, for each electronic document, according to the provisions under art. 14 and the laws in force. ART. 16 The electronic archived administrator has the following obligations: 1. a) to maintain the electronic archives; 2. b) to generate backup electronic archives, including all archived electronic documents and which is permanently updated off-line; 3. c) to use a homologated security system, guaranteeing for the integrity, security and, if applicable, confidentiality of archived electronic documents; 4. d) to ensure the viewing of any and all electronic documents in the archives; 5. e) to ensure the destruction of documents the archiving period whereof expired; 6. f) to notify the specialized regulatory and monitoring authority, at least 60 days in advance, on the intention to terminate activity, except for force majeure events. In this latter case, the electronic archives administrator is bound to transfer the electronic archives to another electronic archiving services provider, with the approval of the

specialized regulatory and supervision authority. ART. 17 1. (1) Electronic archives are stored in datacenters subjected to prior authorization, in compliance with the legal norms in force on the assurance of: 1. a) integrity and security of electronic documents; 2. b) security and integrity of the area occupied by the equipment hosting the electronic archives; 3. c) recovery of information pursuant to natural disaster, according to the regulations in force. 2. (2) Within 90 days from the enforcement date of this law, the competent regulatory and supervising authority shall issue methodology norms on the authorization of datacenters. CAP. 7 OFFENCES AND CONTRAVENTIONS ART. 18 Failure to observe the provisions under this law triggers, as the case may be, contraventional, civil or criminal liability. ART. 19 The disclosure of the encryption key by the electronic archives administrator represents an offence and it is punished with imprisonment, ranging between 1 and 3 years. ART. 20 Unauthorized access to the documents in the electronic archives constitutes offence and is punished with imprisonment ranging between 3 months and 3 years. ART. 21 Unauthorized copying of the documents in the electronic archives represents offence and is punished with imprisonment ranging between 1 and 12 years. ART. 22 Unauthorized editing of the documents in the electronic archives represents offence and is

punished with imprisonment ranging between 1 and 15 years. ART. 23 The destruction of the electronic archives represents offence and is punished with imprisonment ranging between 6 and 15 years. ART. 24 According to the law, if the electronic administrator s failure to comply with the provisions under art. 6, 8, 9, 11, 15 and 16 does not represent an offence, it shall be regarded as contravention. ART. 25 The cases of contravention under art. 24 shall be sanctions with fees ranging between 3,000 RON and 10,000 RON. ART. 26 1. (1) The acknowledgement of the cases of contravention and the application of the sanctions stipulated under this chapter rest with the management personnel within the specialized regulatory and monitoring authority. 2. (2) The provisions under the Government Ordinance no. 2/2001 regulating cases of contravention, approved as further amended and supplemented through the Law no. 180/2002, as further amended and supplemented shall apply to the cases of contravention stipulated under this chapter. ART. 27 1. (1) The liability for the application of the provisions under this law and of the related regulations rests with the specialized regulatory and monitoring authority, stipulated under chapter IV from the Law no. 455/2001 on electronic signatures. 2. (2) Within 3 months from the enforcement date of this law, the specialized regulatory and monitoring authority, together with the National Archives, shall draft regulations and methodologies for the application of this law, the procedure for the granting, suspension, withdrawal of the electronic archives administrator accreditation decision, as well as of the datacenters' authorizations.

This law was passed by the Parliament of Romania, in compliance with the provisions under art. 75 and 76 paragraph (1) from the Romanian Constitution, as republished. PRESIDENT OF THE CHAMBER OF DEPUTIES BOGDAN OLTEANU PRESIDENT OF THE SENATE NICOLAE VĂCĂROIU Bucharest, May 15 th 2007 No. 135

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information