GDPR Organizational Technical Measure – What now? - BAS - Sociedade de AdvogadosBAS

BAS > Communication > News > GDPR Organizational Technical Measure – What now?

Companies also have to gain from applying the key measures provided by the General Data Protection Regulation. This is what Bruno Rodrigues, from APDPO, explains to us.

Since the entry into force of the General Data Protection Regulation (GDPR), there have been many questions concerning the technical adequacy of the organizations to comply with them.

If on the one hand there are European organizations that far exceed the security imposed by the GDPR, on the other hand, and in most Portuguese SMEs, the evolution of IT Security and data protection is generally very low.

Since this evolution, which is expensive in terms of working hours and financial resources, is highly recommended and welcomed for the sake of data protection of the company and its information systems, I present some generic recommendations on how to approach the problem.

1 – GDPR technical view from the State perspective

With the entry into force of the GDPR, it was not long before the current Government published in its opinion, and in a generic way, what technical areas the entire public administration should give its attention? This is undoubtedly an important step for private organizations since, as I understand it, it will help companies choose which areas require immediate intervention from the point of view of Data Security, thus, with private entities conforming in the same degree as public entities.

It should be noted that compliance does not in any way mean that the organization is effectively safe. It is, however, a good start. To do this, just consult the Resolution of the Council of Ministers no. 41/2018.

This resolution distinguishes three layers of action, of extreme importance – Front-End, Application and Database. These three layers, from a security processes perspective, are included in a subject called IT Security Governance.

2 – CID – Confidentiality, Integrity and Availability

One of the pillars of Computer Security is the CIA (Confidentiality, Integrity & Availability). Used since the beginning of computer networks, it serves to provide organizations with three fundamental concepts of computer security that should be applied to its fullest to all situations of organizations, including data protection:

Confidentiality – It means that the data is stored in a secure way and only accessible to authorized persons or processes. Simply put, it means that we protect data from unauthorized access;
Integrity – Protection of data against unauthorized modification, loss, theft and unauthorized disclosure;
Availability – Systems must guarantee redundancy and availability, and there should not be a “single point of failure”.

3 – The software Security Development Lifecycle

One of the focuses of the Council of Ministers resolution is on software scenario. This is one of the most important issues in the current computer security landscape and much could be written on the subject.

I want to make an introduction to the topic by mentioning a tool, which being limited, can greatly help Data Protection Officers work with development teams in data protection – https://www.microsoft.com/en-us/SDL .

In addition to the various “guides” available on this page and others (I always advise to consult the OWASP on the subject), Microsoft has developed a software that will allow organizations to quickly understand which attacks to take into account in the software development process.

At each stage of the process, in the various components and in projects ranging from a simple site to a complete ERP systems, the organization, even in projects developed by external entities, must have an understanding of the various attacks that can potentially compromise personal data as well as, what measures are being implemented to mitigate them.

Data and organization security aims to protect users, their customers and stakeholders from potential attacks and loss of information and should always be seen in layers, where technical measures should target the CIA’s assurance in all the company areas.

Back

More in Communication

28/09/2017 Public Procurement and Pre-contractual Litigation under discussion: Analysis and evaluation of the proposals Read more

7/03/2019 BAS and real estate trends Read more

7/11/2018 Advogar: BAS distinguished with The Best Health Law Firm 2018 Award Read more

28/10/2019 Cláudia Monge contributes to the book The Secrets in Law Read more

9/06/2017 BAS lawyers at the annual EELA meeting Read more

12/10/2023 Pedro Madeira de Brito takes part in APODIT colloquium Read more

26/09/2023 António Gonilho joined the BAS team as a trainee lawyer Read more

21/04/2023 Pedro Madeira de Brito spotlighted in Life Sciences Read more

29/06/2017 Healthcare security and State Civil Liability: imprisonment and mastery of guilt? Read more

2/06/2021 BAS integrates business mission to Dubai Read more

29/12/2022 BAS at the 20th anniversary of JobShop Read more

19/05/2020 Isabel Sousa Castro in the ranking Top 50 Iberian Lawyer Rising Stars Read more

11/05/2022 Postgraduate Course in Public Procurement Management Read more

29/06/2018 BAS and Legalline Mozambique in Employment & Labour Law 2018 Read more

31/10/2017 Master of Sports Law Read more

18/07/2022 Marco Real Martins reelected to the APMEP Read more

27/04/2021 Amendments introduced to the Labour Code Read more

10/05/2022 “Whistleblowing” alerts for companies with 50 or more employees Read more

27/03/2020 Take a step back and reassess your priorities Read more

21/11/2019 Pedro Madeira de Brito speaker at the ILO centenary Read more

20/03/2020 COVID-19: Exceptional and temporary Measures in Response to the Epidemiological Situation Read more

7/10/2023 Alexandra Almeida Mota took part in the conference on Global Mobility Read more

10/10/2023 BAS at JobShop’23 Read more

23/07/2018 BAS in the Advocatus Search a Lawyer Guide Read more

13/12/2018 Press: Best Lawyers distinguishes Portuguese law firms and lawyers Read more

31/01/2020 SB2020: Overall charges paid for service contracts Read more

29/12/2022 National Congress of Public Procurement Read more

25/01/2018 The new restrictions on loans of professional football players Read more

26/03/2018 10 Key steps for compliance with the GDPR Read more

11/06/2019 Cláudia Monge opens workshop intended to review the first year of GDPR Read more

21/04/2023 Course on “Health Law Read more

19/12/2017 BAS strengthens its team with the arrival of Luciana Sousa Santos Read more

29/03/2019 BAS named Marco Aurélio as new partner Read more

26/05/2022 “The role of Ethics Committees” Read more

7/06/2022 BAS and Cláudia Monge are finalists in Life Sciences at Iberian Lawyer Awards Read more

3/05/2019 BAS and the outcomes of MIPIM Read more

2/05/2019 Real Estate Consulting Read more

11/05/2017 New rules for transparency in advertising Read more

29/11/2019 Pedro Madeira de Brito co-authors the ‘Commentary on the European Convention on Human Rights and Additional Protocols’ Read more

26/09/2022 Information session on the main changes to labour legislation Read more

24/04/2018 Data Protection: BAS joins APDPO Read more

2/03/2021 Lauch of the book “Inventário Judicial” Read more

19/03/2020 COVID-19 – Support clients in times of mutual assistance of all and for all Read more

10/05/2017 Real Estate Brochure Read more

2/04/2018 Exclusion of people from a football stadium Read more

28/10/2019 Changes to the Labour Code Read more

23/05/2018 Isabel Sousa Castro joins BAS team (Advogar) Read more

4/11/2019 Video surveillance, GDPR Implementing Law and the Labour Code Read more

25/09/2019 Cláudia Monge participates in a book celebrating the 40th anniversary of the NHS Read more

27/02/2018 Local Housing: Global Problem, National Solution? Read more

19/11/2018 Dália Cardadeiro in the Who is Who in Business Law in Portugal directory Read more

27/11/2023 Cláudia Monge speaks at EJTN seminar Read more

19/11/2018 Press: Employment Law Webinar Read more

15/05/2019 Debate and book on Public Procurement Legal Framework Read more

26/04/2021 Lisbon 2020 – Work in a Digital Era – Legal Challenges Read more

27/06/2018 The draft law for a new Industrial Property Code Read more

31/01/2018 BAS celebrates eight years Read more

10/06/2016 BAS at the European Employment Lawyers Association conference Read more

26/03/2018 General Data Protection Regulation and Health Data Read more

4/05/2018 BAS represents the Portuguese jurisdiction in Employment & labour 2018 in the International Comparative Legal Guide Read more

30/11/2017 Catholic University’s Law JobShop: BAS at the market of opportunities Read more

11/06/2019 Margarida Ferreira discusses European legislation and its application in Portugal Read more

19/09/2022 Decent Work Agenda Read more

7/02/2023 Comments to the Public Procurement Code Read more

9/04/2020 BAS Portuguese Simplified Lay Off Guide at Iberian Lawyer Read more

6/04/2020 ICLG: BAS writes about Labour and Employment Law in Portugal Read more

16/03/2022 Award of public procurement Read more

27/08/2021 New Decree-Law no. 73/2021, of 18 August Read more

26/09/2018 GDPR and consent for scientific research Read more

6/04/2020 BAS authors a chapter on Mozambique at ICLG Read more

21/07/2022 Forty under 40 finalists Read more

26/03/2018 Clinical Research and GDPR: Are compromises possible? Read more

18/03/2022 Chambers & Partners distinguishes BAS Read more

9/03/2018 Chambers Europe 2018 recognizes BAS partners in the area of Labor Law in Portugal Read more

25/11/2019 Who’s Who in Business Law in Portugal: Dalia Cardadeiro’s expectations for 2020 Read more

6/11/2018 Advocatus: BAS distinguished with The Best Health Law Firm 2018 Award Read more

11/06/2019 Catarina José focuses on the practical implications of GDPR Read more

12/10/2018 BAS with three new trainee lawyers Read more

2/10/2019 Real Estate: BAS will be present at Expo Real in Munich Read more

21/06/2023 Read more

30/09/2022 “Advocacy for Health Citizenship” Read more

8/07/2022 Law Firm of the Year – Life Sciences Read more

29/11/2018 In 2019, there will be more changes in the contributory scheme for Independent Workers Read more

31/10/2017 Direct award and the re-enacting of prior consultation Read more

31/05/2017 Sports Law in 5 questions Read more

30/06/2017 The reform of the employment contract of sports practitioners Read more

13/03/2020 BAS shortlisted for the Iberian Lawyer Labour Awards Read more

29/07/2019 The impact of the new Data Protection Regulation on the Schools Read more

3/08/2022 BAS is recognized in Data Protection by the Leaders League ranking Read more

15/07/2019 Marco Real Martins nominated for the Forty Under Forty awards Read more

29/03/2019 The new Equal Remuneration Law under review Read more

23/03/2020 COVID-19 – Exceptional Measures for Public Procurement and Expenditure Authorization Read more

13/10/2017 JM Sports Seminar: Pedro Madeira de Brito opens afternoon session Read more

6/09/2022 BAS joins business mission to Saudi Arabia Read more

18/07/2019 Pedro Madeira de Brito Publishes Book on Labour Law Read more

7/01/2020 Advogar: BAS lawyers author a chapter on real estate in Portugal at ICLG Read more

31/07/2017 New minimum wage and update of service contract values Read more

7/01/2019 Press: BAS reinforces its team with two new associate lawyers Read more

2/01/2020 Artur Filipe da Silva e Diogo Moreira Ramos author a chapter on real estate in Portugal Read more

24/04/2018 BAS organizes the workshop “Two years of General Data Protection Regulation. Are we ready?” Read more

1/09/2017 Smart work: The Law and the new trends in the labour market Read more

18/02/2019 Cláudia Monge speaks about medical secrecy and secrecy in law Read more

6/05/2022 Summer Internship Fair | FDUL Read more

15/06/2021 Three BAS lawyers recognized in the Leaders League in the labour area Read more

25/01/2018 Summary of the ruling of the Supreme Administrative Court (First section) of 16.11.2017, case No 0935/17, rapporteur: Teresa de Sousa Read more

29/06/2017 Rebenta a Bolha! (The game is over) Read more

14/09/2017 New legislation to fight against money laundering Read more

28/09/2016 BAS presence in Expo Real 2016 Read more

31/07/2018 Summer Course on General Data Protection Regulation at the University of Lisbon School of Law Read more

25/05/2021 Launch of the book “Civil Liability in Health” Read more

30/05/2017 Public Procurement and Innovation Read more

30/05/2017 New general regulation for data protection Read more

9/10/2023 BAS has welcomed two new Trainee Lawyers Read more

13/04/2017 Chambers and Partners recognizes BAS lawyers Read more

10/12/2019 Five lawyers of BAS were recognized in Best Lawyers Read more

12/10/2018 BAS reinforces its team with three trainee lawyers Read more

30/05/2017 Transparency in the advertising of medicinal products and medical devices Read more

14/09/2020 BAS integrates two associate lawyers and a consultant, strengthening strategic areas and betting on new areas of expertise Read more

30/05/2017 BAS and Sports Law Read more

28/09/2017 Key developments in the revised Public Procurement Code Read more

12/09/2023 Life-long Learning One Health Read more

27/04/2017 BAS at SIPP Read more

25/09/2023 “Infarmed Conference – Use of data in health” Read more

17/04/2020 Updated Version: BAS Simplified Lay Off Guide Read more

13/04/2020 Effects COVID-19: Extension of deadlines for implementation of electronic invoicing in public contracts Read more

5/09/2017 Sérvulo and BAS lawyers will debate about public procurement in Funchal Read more

28/01/2020 Pedro Madeira de Brito participates in the new edition of the Annotated Labour Code 2020 Read more

23/06/2022 The Employment Law team participate in the conference of EELA Read more

30/11/2017 The intriguing figure of the Data Protection Officer Read more

19/04/2017 Cláudia Monge analyses new data protection regulation Read more

18/10/2017 JM Seminar: Sports Law and Sports Policies Read more

22/02/2019 BAS in the 14th In-Lex Edition Read more

9/02/2018 FDUL provides courses in Law, Finance and Justice of Sport Read more

14/05/2019 Press: Alexandra Almeida Mota practical talks about restructuring in Europe Read more

26/06/2018 General framework of the new GDPR and national law – Of medical data in particular Read more

25/10/2017 The changes in the Public Procurement Code Read more

15/03/2020 BAS ranked in Chambers Europe 2020 Read more

21/10/2019 BAS Agenda: 13th National Congress of Electronic Public Procurement Read more

24/05/2018 Data protection in Workshop Read more

24/08/2021 BAS becomes a member of CELIA Alliance Read more

3/12/2021 Dália Cardadeiro wins Lawyer of the Year award Read more

30/10/2018 BAS represents Portugal in EU Employment and Social Security Law Webinar Read more

3/10/2023 Cláudia Monge at the “Dignity, Autonomy and Duration of Human Life” course Read more

7/03/2019 BAS ranked in Chambers Europe 2019 Read more

19/12/2018 Young lawyers and entry into the labor market Read more

23/07/2021 Marco Real Martins finalist in the Iberian Lawyer’s Forty under 40 Read more

4/03/2019 Advogar: BAS present at MIPIM Read more

3/10/2019 Information session on the changes to the Labour Code Read more

16/07/2019 Cláudia Monge in a conference in Sintra on Medical Error Read more

5/05/2022 5th European Conference on Sustainable and Innovative Public Procurement Read more

14/02/2020 Iberian Lawyer: “10 years of BAS Law Firm” Read more

24/01/2019 Do you still receive advertising emails to which you did not give consent? Read more

19/10/2017 Smart work and the new trends on the labor sector Read more

22/11/2018 Advogar: BAS partners discuss Public Purchases in Health Read more

26/05/2022 Family Mediation Read more

9/04/2019 BAS authors chapter on Labour Law in Portugal and Mozambique Read more

3/05/2017 BAS at the Portuguese Real Estate and Tourism Show in Paris Read more

19/12/2018 Team BAS reinforced Read more

29/11/2018 The Women’s Human Rights Summit Read more

6/10/2017 Portuguese companies at the Real Estate Show in Paris Read more

11/01/2022 III Health Law Course Read more

5/03/2020 Women in Law Read more

18/11/2021 Best Lawyers recognise BAS lawyers Read more

9/06/2017 BAS lawyers at EELA meeting Read more

2/11/2018 BAS named the Best Health Law Firm 2018 Read more

31/05/2022 The exceptional and temporary regime for price revision and award Read more

30/10/2017 The framework of satellite clubs Read more

20/01/2022 5th European Conference: sustainable and innovative public procurement Read more

19/02/2020 Press: BAS with five lawyers listed in Best Lawyers Read more

24/06/2018 BAS at the EELA annual conference Read more

14/03/2022 Green Hospitals Read more

15/06/2023 Data Protection and Health Data Read more

26/09/2018 BAS joins the Helpo sponsorship program Read more

9/05/2019 BAS supports the 4th Public e-Procurement Congress Read more

23/05/2018 BAS grows stronger with the arrival of Isabel Sousa Castro as associate lawyer Read more

27/03/2023 BAS ranked for Leaders League Best Firms in Portugal for Labor Law Read more

31/01/2018 Preliminary consultation: the implementation of informality Read more

19/09/2018 Cláudia Monge is a speaker at the Infarmed symposium Read more

20/01/2022 Advanced Training Programme on Public Procurement Read more

31/01/2020 BAS celebrates its 10th anniversary Read more

26/04/2023 Data Protection, Digital Security, and Compliance Course Read more

11/06/2019 Registrations open for the workshop on GDPR implementation Read more

30/10/2018 What changes with the new Local Housing Law? Read more

24/01/2019 New sports law magazine Read more

25/09/2019 II Workshop – The National GDPR Enforcement Act: What to Expect? Read more

18/09/2017 Funchal debates Public Procurement and Litigation Read more

16/04/2018 Local accommodation: will a global problem have a national solution? Read more

26/04/2017 Catholic Porto analyses the impact of the processing of personal data Read more

26/03/2018 Processing data of children and young people in light of the new GDPR Read more

26/10/2022 BAS is a finalist in the Labour Awards Read more

20/12/2019 2019 Highlights Read more

31/01/2018 Developments in data protection and compliance can mean employment laws are quickly outdated Read more

27/03/2020 10 years, 10 partners, 10 stories: Marco Aurélio Constantino Read more

3/01/2017 Pedro Madeira de Brito distinguished by Best Lawyers Portugal 2017 Read more

5/09/2017 Claúdia Monge coordinates Medical Law course Read more

27/12/2017 BAS on the directory Who’s Who in Business Law Read more

27/10/2023 Labour Law team participates in the Congress of the ASNALA Read more

6/05/2022 Sustainability and efficiency in the hospital sector Read more

21/06/2018 Football: The Right of Preference Read more

3/05/2019 BAS debates restructuring processes in webinar on Labour Law Read more

19/04/2023 Executive Program: “Contracting and Management of Public Works” Read more

26/07/2017 Health: When data protection demands special attention Read more

12/11/2017 Cláudia Monge will be a speaker at the conference on General Regulations for the Protection of Personal Data Read more

9/01/2023 Priorities of the sector 2023 Read more

28/10/2019 The consent of minors and the GDPR Read more

28/10/2019 Public Health Policies in review Read more

26/07/2019 The recent changes in the assumption of multiannual liabilities by NHS entities Read more

26/12/2017 BAS in the Iberian Lawyer’s Lisbon Annual Report Read more

24/05/2018 Company Agreement under the microscope Read more

30/06/2017 EELA Conference 2017 Read more

14/12/2021 Updating of Guaranteed Minimum Monthly Pay (“RMMG”) Read more

13/08/2021 National meeting on Public Contracts and Community Funds Read more

19/08/2022 CELIA ALLIANCE publishes article from BAS about Portugal Read more

28/04/2017 Paris opens its doors in May to receive Portuguese real estate Read more

27/12/2017 Partnerships for innovation, for what and how? Read more

25/09/2019 Labour Law: changes to the Labour Code Read more

13/03/2019 News from MIPIM 2019 Read more

24/01/2019 BAS celebrates its ninth year Read more

18/12/2017 Partner of BAS on the Best Lawyers’ directory Read more

17/12/2019 Beneficiary Central Registry BCR Legal Regime – What are the obligations of a Company After the First Declaration Read more

29/11/2018 Best Lawyers Distinguishes Pedro Madeira as Lawyer of the Year in Portugal Read more

24/05/2019 What has changed in the contribution regime for self-employed workers? Read more

7/03/2019 How Portugal adopted the Real Estate Investment Trusts (REIT) regime Read more

4/03/2020 Sports Law under analysis at the Faculty of Law of the University of Lisbon Read more

29/03/2019 New BAS services: Immigration and Foreign Investment Read more

27/09/2022 BAS goes to college Read more

30/05/2017 General Regulation on Data Protection and the processing of personal data Read more

27/02/2020 BAS listed in the 15th edition of In-Lex Read more

24/03/2020 BAS lawyers distinguished by Leaders League Read more

30/05/2017 BAS was present at Real Estate Fair in Paris Read more

2/06/2017 Sports Law seen out of the box Read more

6/10/2023 Paulo Pinto Pereira joins the BAS team Read more

11/10/2020 BAS lawyers in the Best Lawyers’ Global Business edition Read more

27/02/2018 New regime of Article 256-A of the Public Procurement Code Read more

27/02/2018 BAS in the 13th In-Lex Edition Read more