Guest user Created: May 02, 2018 Last commented: May 02, 2018

GDPR - Encrypted e-mails

I am wondering if/when/how we should use encrypted e-mails at my company? In which cases could it be a necessary means to ensure some extra compliance in relation with the GDPR. Are there any general guidelines? Which information should entail encryption?

0 0

Assign topic to the user

Select user

Expert

Andrei Hanganu May 02, 2018

Answer:

The EU GDPR in art. 23 – “Security of processing” (https://advisera.com/eugdpracademy/gdpr/security-of-processing/) mentions encryption as a means to protect personal data. It also mentions that “appropriate technical and organisational measures “ need to be taken according to the risks involving a specific processing activity.

So, basically is up to the controllers and processors to determine which security measures they need to take. Coming back to the question whether an email should be encrypted or not you would need to think about the content of your emails. Basically emails that contain large amounts of personal data should be encrypted as well as emails containing sensitive personal data.

If you want to learn more about the security of personal data you can check out our article “ How cybersecurity solutions can help with GDPR compliance” https://advisera.com/eugdpracademy/blog/2017/11/27/how-cybersecurity-solutions-can-help-with-gdpr-compliance/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

May 02, 2018

Expert Advice Community