Security of Personal Data Processing Event

One of the core obligations for all businesses, including SMEs, acting either as data controllers or data processors, in GDPR is that of the security of personal data. In particular, according to GDPR security equally covers confidentiality, integrity and availability and should be considered following a risk-based approach: the higher the risk, the more rigorous the measures that the controller or the processor needs to take (in order to manage the risk).

The European DIGITAL SME Alliance organises on 8th October in Athens a workshop on security measures (article 32 GDPR) in collaboration the European Union Agency for Network and Information Security (ENISA) and the support of the Hellenic Data Protection Authority. The workshop is also supported by the insights of European cybersecurity and privacy observatory – Cyberwatching.eu.

Small Business Standards expert Fabio Guasconi will intervene during the event to present the SBS Guide on the implementation of ISO/IEC 27001 on Information Security Management. The Guide, which was developed by information security experts appointed by SMEs and cyber-security trade associations of various European countries, describes a series of practical activities that can significantly help with establishing or raising information security levels within an SME.

You can find more information on the event here

The Agenda: