Security measures

Discover what's new in terms of security with the GDPR.

The GDPR strengthens the obligation of data security.

Securing personal data involves identifying and implementing examples of security measures proportionate to the risk identified by acting on:

  • the "elements to be protected" (data): minimize, encrypt, anonymize, etc.

  • "Potential impacts" (erasure, data breach): encryption, allowing to save data, trace activity, manage data breaches etc.

  • "Sources of risk" (uncontrolled access, maintenance application, etc.): control access, manage third parties, fight against malicious code, etc.

  • The "supports" (servers, networks, workstation ...): pseudonymisation, anonymisation, reduction of material vulnerabilities, software, networks, paper documents etc.

  • "Cross-cutting actions" at entity level, the personal data protection policy integrates the protection of personal data in projects

Examples of security measures:

  • Access rights

  • Encryption

  • Data masking

  • Pseudonimization

For more information about security, consult the ICO personal data security guide.

For more information

pageSecurity measures

Last updated