Blog

The GDPR obligates controllers to implement appropriate technical and organisational measures to ensure an appropriate security level to the risk of processing.

Frequently, major personal data breaches do not occur in the most important systems of an organisation, but in secondary systems or systems considered less important but which hold a large amount of information or may be the gateway to other systems. This is the case of test, pre-production or...

Security is a necessary but not sufficient element to safeguard rights and freedoms of people regarding personal data protection. In addition, if security measures are not aimed at protecting said rights but to achieving other objectives, they may actually pose a threat to freedom.

In this post, five technical measures will be explained with regard to security that play a main role in the processing of personal data in order to meet the obligations of proactive responsibility established in the GDPR. Such measures will be useful both to avoid security breaches of personal data...