Tag Archives: Security measure

Controller and Processor standard clauses

The French DPA (CNIL) and Spanish DPA (AGDP) have issued two guides for data processors, namely “Règlement européen sur la protection des données : un guide pour accompagner les sous-traitants” and “Directrices para contratos responsable – encargado” respectively. Furthermore the English DPA (ICO) has published a draft gdpr contracts guidance. These have a positive impact… Read More »

Costs and security

The GDPR allows the controller to take into account also the cost of the security measures required to comply: article 32 says “Taking into account the state of the art, the costs of implementation…”. Compared to the current legislation this fact is strongly innovative, at least in Italy. “Taking into account the costs” is a… Read More »

About security of the processing

The Amendment 124, Proposal for a regulation, Article 30 states: 1.  The controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks represented by the processing, taking into account the results of a data protection impact assessment (…), having regard to the state of the art and… Read More »