Discuz! Board

 找回密码
 立即注册
搜索
热搜: 活动 交友 discuz
查看: 436|回复: 0
打印 上一主题 下一主题

GDPR-compliant cloud

[复制链接]

1

主题

1

帖子

5

积分

新手上路

Rank: 1

积分
5
跳转到指定楼层
楼主
发表于 2024-8-9 02:24:17 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
An important step we should take after deciding to use the cloud is to verify that:

who is the provider of a given solution – i.e. which entity will formally provide us with services that enable us to use the cloud,
whether such a supplier meets the requirements arising from the provisions of the GDPR , e.g. in terms of meeting security requirements.

Where does the second requirement come from? If, as part of a cloud service, we process (e.g. store) personal data of our customers, employees or other persons for whom we are the data controller , the cloud service provider will usually be the so-called processor.

This requires that both the administrator and the processor meet several additional obligations  B2C Email Lists arising from the provisions of the GDPR first step is for the client-administrator to check whether the cloud provider is even suitable to give him any data.

The Controller should use the services of a cloud service provider (processor) that provides sufficient guarantees for the implementation of appropriate technical and organisational measures so that the processing will meet the requirements of this Regulation and protect the rights of data subjects – Article 28 paragraph 1 of the GDPR.



obtaining information about what security measures are used by the cloud service provider and what procedures they have adopted in this regard (e.g. by asking to complete a questionnaire with questions to determine what security measures the provider uses and which they do not use),
checking whether the processor has not previously experienced any serious situations that would result in a breach of data security.

How this obligation is fulfilled generally depends on the administrator . Therefore, we do not necessarily have to use the solutions indicated above - we can always use some alternative method.
It is also important who the supplier is and how they provide information that allows them to meet the requirements of the GDPR – let's be honest, trying to audit an international supplier before we have even become their customer can be a difficult task. Such suppliers often have standardized information on how they meet the requirements of the GDPR and provide it to potential customers.

回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver|手机版|小黑屋|Comsenz Inc.  

GMT+8, 2024-11-25 23:40 , Processed in 0.163309 second(s), 14 queries , Apc On.

Powered by Discuz! X3.1

© 2001-2013 Comsenz Inc.

快速回复 返回顶部 返回列表