Workshop on Security of Personal Data Processing 2018

One of the core obligations for all businesses, including SMEs, acting either as data controllers or data processors, in GDPR is that of the security of personal data. In particular, according to GDPR security equally covers confidentiality, integrity and availability and should be considered following a risk-based approach: the higher the risk, the more rigorous the measures that the controller or the processor needs to take (in order to manage the risk).

ENISA organizes in February 8, 2018 a workshop on security measures (article 32 GDPR) in Rome, in co-operation with the Italian Data Protection Authority (Garante per la protezione dei dati personali).

This workshop is in the context of relevant ENISA’s work in 2016 and 2017, especially targeting SMEs (where we collaborated with experts from Italian and Greek DPAs).

The workshop notes are available for download here.