Assign topic to the user
Answer:
The EU GDPR does not distinguish between production and non-production environments.
As long as personal data is concerned, information technology systems processing personal must be adequately protected as to ensure the ongoing, confidentiality, integrity, availability and resilience as required by Article 32 Security of Processing of the EU GDPR (https://advisera.com/eugdpracademy/gdpr/security-of-processing/).
So, in strict EU GDPR terms, it does not matter the environment where the data is stored if the requirements of Article 32 mentioned above are considered.
Comment as guest or Sign in
Dec 23, 2017