Skip to content
Home / Function (NIST CSF 2.0) / PR - Protect / DS - Data Security

EU Regulation 2016/679 General Data Protection Regulation (GDPR)

This document focuses on:

The General Data Protection Regulation (GDPR) mandates that organizations processing personal data must implement appropriate technical and organizational measures to ensure cybersecurity proportional to the risks involved. Key cybersecurity requirements include pseudonymization and encryption of personal data, ensuring ongoing confidentiality, integrity, availability, and resilience of processing systems, and the ability to restore data access promptly after incidents. Organizations must regularly test and evaluate their security measures, manage access controls strictly, and have robust incident response plans to report breaches within 72 hours. These measures help protect against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data, thereby safeguarding individuals’ rights and maintaining compliance with GDPR standards.

Art. 32 is dedicated to cyber security and data protection.


Publication's URL

https://eur-lex.europa.eu/eli/reg/2016/679/oj/eng

Additional documents on this topic



How would you rate this document ?

Click on a star to rate it!

What do you think of this document?

Your email address will not be published. Required fields are marked *