DATA PROTECTION IN THE CONTEXT OF MODERN IT INFRASTRUCTURES
Modern information and communication technologies represent an essential part of business processes. Personal information is stored digitally, processed and transmitted in networks. Institutions in business and administration, but also every citizen, are thus dependent on the proper functioning of the IT used. Improper or abusive use of this technology can lead to a violation of data privacy and thus not only result in heavy fines, but also cause irreparable damage to the company’s image.
THE GDPR AND ITS CHALLENGES
With the General Data Protection Regulation (GDPR), the EU has introduced a directive on the protection of natural persons with regard to the processing of personal data, on the free movement of data. Since May 25, 2018, it has been the basis of general data protection law in the EU and poses challenges for many companies with 99 articles and 173 recitals to date. Companies must analyze their processes for handling personal data and establish procedures that may put data subjects at risk. The level of potential threats must be assessed with a Privacy Impact Assessment and documented in a Data Protection Impact Assessment. These requirements are comprehensively supported in CRISAM®.