Discover what's new in terms of security with the GDPR.
Securing personal data involves identifying and implementing examples of security measures proportionate to the risk identified by acting on:
- the "elements to be protected" (data): minimize, encrypt, anonymize, etc.
- "Potential impacts" (erasure, data breach): encryption, allowing to save data, trace activity, manage data breaches etc.
- "Sources of risk" (uncontrolled access, maintenance application, etc.): control access, manage third parties, fight against malicious code, etc.
- The "supports" (servers, networks, workstation ...): pseudonymisation, anonymisation, reduction of material vulnerabilities, software, networks, paper documents etc.
- "Cross-cutting actions" at entity level, the personal data protection policy integrates the protection of personal data in projects
Examples of security measures:
- Access rights
- Data masking