Personal data is very valuable. Let’s learn how to protect them!

Among the other principles prescribed by the GDPR, there is also one principle that defines the integrity and confidentiality of personal data.

In accordance with the GDPR, data controllers and data processors must ensure that the personal data that they process is protected from unauthorized or illegal processing and from accidental loss, destruction, or damage (the principle of integrity and confidentiality).

It is also necessary to ensure adequate security and data protection by using appropriate technical and organizational measures.

❔ In practice – what to do ❔

When a certain type of data processing is likely to result in a high risk to the rights and freedoms of natural persons, an impact assessment is a measure that needs to be carried out.

Data protection impact assessment is a procedure that consists of a description of the envisaged processing procedures, assessment of its necessity and proportionality, management of risks for the rights and freedoms of natural persons, arising from the processing of personal data, by assessing these risks and determining measures to resolve them.

❗ A data protection impact assessment is an important accountability tool as it enables controllers not only to comply with the requirements of the GDPR, but also to determine whether appropriate measures have been taken in order to ensure compliance with the GDPR.

In other words, a data protection impact assessment is a procedure for ensuring and proving the compliance of the personal data processing with the GDPR.

Find out more at:

https://arc-rec-project.eu/wp-content/uploads/2022/02/ARC-Data-Security-1.pdf

https://arc-rec-project.eu/wp-content/uploads/2022/02/ARC-Data-Protection-Impact-Assessments-Guide.pdf