Appropriate Technical and Organisational Measures

Search for glossary terms (regular expression allowed)
Term Main definition
Appropriate Technical and Organisational Measures
The General Data Protection Regulation requires a risk-based approach to data protection, whereby organizations take into account the nature, scope, context and purposes of processing, as well as the risks of varying likelihood and severity to the rights and freedoms of natural persons, and institute policies, controls and certain technologies to mitigate those risks. These "appropriate technical and organisational measures" might help meet the obligation to keep personal data secure, including technical safeguards against accidents and negligence or deliberate and malevolent actions, or involve the implementation of data protection policies. These measures should be demonstrable on demand to data protection authorities and reviewed regularly.
©2021 Data Protection Education Ltd.