With the development of informational technologies, data security gains increasing importance. Nowadays, a high level of company’s informational security is directly linked not only to its reputation or financial risks, but also to the security of its customers’ personal data. Accordingly, as a data controller you must protect data security and implement appropriate organizational and technical measures.
Adequacy of Security Measures and Risk Assessment Measures implemented for data security should be adequate to the risks related to data processing. When assessing these risks, it is advisable to take into account the following factors:
• Category of the data processed;
• Volume of the data processed;
• Number of your organization’s employees and quality of their access to data;
• Observance of data security rules by third parties with access to personal data;
Organizational and Technical Measures of Data Security
• Designate person/s responsible for the security of a database;
• Introduce relevant technical infrastructure and security system;
• A prompt response mechanism must be in place for violation of security rules – organization must be capable to restore data and reduce damages to a minimum;