Get FREE 12-month access to the AI-Powered Knowledge Base worth $450
with your ISO 27001 toolkit purchase
Limited-time offer – ends June 27, 2024

Expert Advice Community

Guest

Do we need VPN to comply with GDPR?

  Quote
Guest
Guest user Created:   Aug 06, 2023 Last commented:   Aug 06, 2023

Do we need VPN to comply with GDPR?

From your experience in order to be compliant with GDRP do we need to have VPN for all employees.

Or is that to be ISO 270001  compliant?

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Tudor Galos Aug 06, 2023

No, you don’t need to have VPN for all employees in order to be GDPR or ISO 27001 compliant. 

Regarding GDPR, you must take all necessary technical and organizational measures to ensure appropriate protection for the personal data you process, according to Article 32 GDPR - Security of processing, so deciding whether you need VPN for all employees should be done after evaluating all the risks towards data subjects.

Regarding ISO 27001, the process is similar - you have to assess the relevant risks for your sensitive information, and based on those risks, decide whether to use VPN. 

Please also consult these links:

Tudor Galos
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 06, 2023

Aug 06, 2023