Amendment LIBE #1927

Article 30 – Paragraph 1+

1a. Having regard to the state of the art and the cost of implementation, such a security policy shall include: (a) the ability to ensure that the integrity of the personal data is validated; (b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of systems and services processing personal data; (c) the ability to restore the availability and access to data in a timely manner in the event of a physical or technical incident that impacts the availability, integrity and confidentiality of information systems and services; (d) in the case of sensitive personal data processing according to Articles 8 and 9, additional security measures to ensure situational awareness of risks and the ability to take preventive, corrective and mitigating action in near real time against vulnerabilities or incidents detected that could pose a risk to the data; (e) a process for regularly testing, assessing and evaluating the effectiveness of security policies, procedures and plans put in place to ensure ongoing effectiveness.

Current Data Privacy Rating is : stronger    Alexander Alvaro Germany ALDE


comments powered by Disqus