66 Security of processing

Obligations relating to security

66  Security of processing

(1)     Each controller and each processor must implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks arising from the processing of personal data.

(2)     In the case of automated processing, each controller and each processor must, following an evaluation of the risks, implement measures designed to—

(a)     prevent unauthorised processing or unauthorised interference with the systems used in connection with it,

(b)     ensure that it is possible to establish the precise details of any processing that takes place,

(c)     ensure that any systems used in connection with the

Popular documents