142. Security of sensitive information.

Each general category 1 or category 2 responder1 must have in place arrangements for ensuring that the confidentiality of sensitive information2 received3 or created4 by it is not adversely affected5. Such arrangements must include arrangements for ensuring that sensitive information is clearly identifiable as such6 and is stored and transferred7 in a secure manner8 and that the information may be accessed only by those persons who are involved in the performance of a duty to assess emergency risks or plan for emergencies