S. No. |
Article |
Reports and functionalities |
1. |
Article 5, #1- f
Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ('integrity and confidentiality'). |
Use the following reports to demonstrate that the required technical and organisational measures are in place:
To demonstrate compliance, export reports in any file format or email them to stakeholders at specified intervals. |
2. |
Article 5, #2
The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1('accountability'). |
|
3. |
Article 24, #1
Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, the controller shall implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with this Regulation. Those measures shall be reviewed and updated where necessary. |
|
4. |
Article 25, #2
The controller shall implement appropriate technical and organisational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed. That obligation applies to the amount of personal data collected, the extent of their processing, the period of their storage and their accessibility. In particular, such measures shall ensure that by default personal data are not made accessible without the individual's intervention to an indefinite number of natural persons. |
|
5. |
Article 30
Each controller and, where applicable, the controller's representative, shall maintain a record of processing activities under its responsibility. |
|
6. |
Article 32, #4
控制者和处理者应采取措施,确保在控制者或有权访问个人数据的处理者的权限下采取行动的任何自然人,除非按照控制者的指示进行操作,否则均不会对其进行处理,除非他或她被要求这样做。联盟或成员国法律。 |
|