Administrative
Resolution No. (19) of 2022
Approving the Requirements and Procedures for
Issuing Permits to Access the Central Register of
Employees of the Government of Dubai[1]
ـــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ
The Director General of
the Dubai Government Human Resources Department,
After perusal of:
Law No. (31) of 2009 Establishing the Dubai Government Human Resources Department and its amendments;
Law (2) of 2016 Establishing the Dubai Data Establishment and its amendments;
Law No. (1) of 2021 Establishing the Dubai Digital Authority; and
Executive Council Resolution No. (25) of 2020 Concerning the Central Register of Employees of the Government of Dubai and its amendments,
Does hereby issue this Resolution.
The following words and expressions, wherever mentioned in this Resolution, will have the meaning indicated opposite each of them unless the context implies otherwise:
Emirate: |
The Emirate of Dubai. |
Government: |
The Government of Dubai. |
DGHR: |
The Dubai Government Human Resources Department. |
DDE: |
The Dubai Data Establishment. |
Government Entity: |
Any of the Government departments, public agencies or corporations, councils, authorities, or other public entities affiliated to the Government. |
Register: |
The Central Register of Employees of the Government of Dubai established pursuant to the above-mentioned Executive Council Resolution No. (25) of 2020. |
Data: |
A collection of organised or unorganised information, facts, concepts, instructions, observations, or measurements, in the form of numbers, letters, symbols, or images, or in any other form, that are collected, produced, or processed by Government Entities. This includes any information. |
Permit: |
An approval issued by the DGHR authorising a Government Entity, an individual, or any other entity to access the Data of Employees in the Register. |
The issuance of a Permit will be subject to the following requirements:
1.
The names
and Data of the applicant
entity employees who will use the
Register must be provided.
2.
A
confidentiality and non-disclosure undertaking in respect of the Data of the
Register, on the form prescribed by the DGHR for this purpose, must be signed.
3.
The Data requested to
be accessed must be available in the Register.
4.
The grounds
supporting the application for the Permit to access the Register must be
provided.
5.
The Data to
be accessed in the Register must be relevant to the activities and work of the
entity applying for the Permit.
6.
The persons
and entities with whom the Data of the Register will be shared, if any, must be
specified.
7.
The period
during which the Register will be accessed must be specified.
The procedures for obtaining a Permit will be as follows:
1.
An
application for the Permit must be submitted, together with the required
supporting documents and information, through the Dubai Pulse Platform hosted
by the Dubai Digital Authority.
2.
The DGHR
will, in coordination with the DDE, consider the Permit application and verify
that it meets all relevant requirements and that it is accompanied by all
required documents.
3.
The DGHR
will determine the Permit application within ten (10) working days from the
date of its submission. Where required, this time frame may be extended.
4.
Where the Permit
application is rejected, the DGHR will notify the applicant of the reasons for
rejection.
5.
Where the
application is approved, the DGHR will issue the applicant with the Permit and
will determine the rules for accessing the Register by the Permit holder.
A Permit holder must:
1.
comply with
the Data protection and security legislation in force in the Emirate;
2.
use the
Data in the Register for the purpose stipulated in the Permit;
3.
maintain
the confidentiality of the Data in the Register and refrain from sharing it with
others;
4.
comply with
the methods of sharing the Data in the Register as prescribed by the DGHR in
this respect;
5.
where the
Permit is issued to the applicant entity for research purposes, process the Data in the
Register in a manner that does not disclose the identity of individuals; and
destroy any preliminary Data that may lead to such disclosure;
6.
maintain
the level of sensitivity and confidentiality of the Data in the Register as
prescribed in the Permit;
7.
satisfy all technical and regulatory requirements for protecting
the Data in the Register; and
8.
immediately
notify the DGHR and the DDE in case of any emergency that requires replacing the person
authorised by the Permit holder to access the Data in the Register, or where an error that
may affect the quality of Data in the Register is discovered.
The DGHR my revoke a Permit in any of the following cases:
1.
using the
Data in the Register for other than the purpose stipulated in the Permit;
2.
failure to
maintain the confidentiality of the Data in the Register; or
3.
failure to
comply with any of the obligations stipulated in this Resolution.
This Resolution will be published in the Official Gazette and will come into force on the day on which it is published.
Abdullah Ali bin Zayed Al Falasi
Director General
Dubai Government
Human Resources Department
Issued in Dubai on 13 May 2022
Corresponding to 12 Shawwal 1443 A.H.
©2022 The Supreme
Legislation Committee in the Emirate of Dubai
[1]Every effort
has been made to produce an accurate and complete English version of this
legislation. However, for the purpose of its interpretation and application,
reference must be made to the original Arabic text. In case of conflict, the
Arabic text will prevail.