Security of data processing
- Security of personal data comprises appropriate organizational, technical and logic-technical procedures and measures to protect them and to prevent any accidental or deliberate unauthorized destruction, disclosure, modification, access or use of data or their accidental or deliberate loss:
- by protecting premises, equipment and systems software, including access control;
- by protecting software applications used to process personal data;
- by preventing any unauthorized access to or reading of personal data during their storage and transmission including the transmission via telecommunications means and networks;
- 1by ensuring effective methods of blocking, destruction, deletion or anonymization of personal data;
- by enabling subsequent determination of when personal data were entered into a filing system, accessed, modified, disclosed, destroyed, used or otherwise processed, and who did so, for the whole storage period.
- If personal data are processed via telecommunications networks it must be ensured that the processing takes place within the limits foreseen by law. Also the hardware, the systems software and the software applications must ensure an appropriate level of data protection.
- The procedures and measures to protect personal data must be adequate and kept up to date taking into account the nature of the personal data to be protected and the risks represented by the processing of such data.
- Functionaries, employees and other individuals performing tasks related to the processing of data including the data controller are obliged, that during and after the contracted work, to protect the confidentiality of personal data with which they become familiar.