EU Agency for Cybersecurity launched an online platform to assist in the security of personal data processing; this platform implements a risk-based approach to personal data security as a means to underpin trust.
The new platform is part of the work of the Agency in privacy and data protection, which focuses on analysing technical solutions for the implementation of GDPR, privacy by design and security of personal data processing.
Data controllers and their assisting contractors (data processors) can benefit from this platform to determine their approach when seeking to develop policies to protect personal data under their control. This platform can also be proven useful to auditors and supervising authorities alike, in an effort to determine the level of preparation and analysis preceding the designation of security measures adopted by a data controller.
There is scope to leverage on this platform among the SME community, which can benefit from publicly available solutions, as the one provided by ENISA, to support GDPR compliance.