Editor’s Note: The Data Protection Commission (DPC) is the Irish supervisory authority for the General Data Protection Regulation (GDPR). In this recently published guidance note, DPC Ireland shares important information for data controllers and data processors to consider when developing their security policies. This information is also relevant for any entity considering appropriate technical and organizational measures for ensuring personal data security.

Extract from DPC Ireland Guidance Note on Data Security for Controllers

Guidance for Controllers on Data Security*

Data controllers in the private and public sectors hold increasing amounts of personal data on individuals. The decreasing cost of electronic storage and processing has greatly contributed to this. Organizations also increasingly outsource data processing to third party processors to undertake on their behalf. Many organizations also continue to hold large quantities of personal data in manual form – often in off-site locations. The following guidance has been prepared to aid data controllers and processors to ensure they meet their obligations with regard to the security of personal data they process.

Data Collection and Retention Policies

The most effective means of mitigating the risk of lost or stolen personal data is not to hold the data in the first place. Data retention and replication should always be assessed against business needs and minimized, either by not collecting unnecessary data or by deleting data as soon as the need for it has passed. Holding any personal data presents security risks.

Read the Complete Guidance Note (PDF)

Data Security Guidance – DPC Ireland – 022020

Read the original guidance note on Data Security Guidance

Copyrighted information note shared by permission of Regulations on the Re-use of Public Section Information

Additional Reading

Source: ComplexDiscovery

 

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit ComplexDiscovery.com.

 

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, DALL-E2, Grammarly, Midjourney, and Perplexity, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.