The Information Commissioner's Office (ICO) has published updated security guidance on encryption and on passwords in online services under the GDPR.
The GDPR requires data controllers to implement appropriate technical and organisational measures to ensure they process personal data securely. Article 32 of the GDPR includes encryption as an example of an appropriate technical measure. The guidance suggests that:
The ICO stresses that where unencrypted data is lost or destroyed, it is possible that it will pursue regulatory action.
Although the GDPR does not say anything specific about passwords, data controllers are required to process personal data securely by means of appropriate technical and organisational measures and passwords are a commonly-used means of protecting access to systems that process personal data. The guidance suggests that:
25/04/2024 - More...
HMRC’s Childcare account can be used to claim free childcare (if eligible) or pay for Tax-Free Childcare. HMRC’s sign in
25/04/2024 - More...
There is useful guidance published on GOV.UK that explains the do’s and don’ts for Standard Visitors to the UK. Visitors
25/04/2024 - More...
The Cycle to Work scheme allows employers to provide bicycles and cyclists’ safety equipment to employees as a tax-free
With our newsletter, you automatically receive our latest news per e-mail and get access to the archive including advanced search options!
» Sign up for the Newsletter
» Login