Menu

GDPR’s Information Security Requirements – What Exactly is ‘Appropriate’?


The GDPR requires organisations to take ‘appropriate’ technical and organisational measures to ensure the confidentially, integrity, availability and resilience of personal data. Article 32 gives us some clues as to what factors can help you to decide what is ‘appropriate’ – cost, risk, state of the art, scope and purpose – but it doesn’t provide the magic formula to take all these variables and make your own conclusion. This session will help you find the answer for your organization and consider how a regulator would work out if you’re doing the right things.

Speaker

Headshot

John Elliott Data Protection Specialist

← View more Videos

This document was retrieved from http://www.rsaconference.com/videos/gdprs-information-security-requirements-what-exactly-is-appropriate on Wed, 14 Nov 2018 19:24:37 -0500.