What is Information Security?

Information technology security is the practice of defending computers, networks, applications, and records from unauthorized access or attacks that aim for exploitation.

Absolute information security is theoretically unachievable, but organizations can reduce uncertainty and continuously improve their approaches to make information security a business enabler.

What is GDPR in information security?

The General Data Protection Regulation (GDPR) requires corporations to take the necessary technical and organizational measures to ensure a high level of information security, following Article 32: Security of processing. ISO 27001 is the international standard for information security and describes the best-practice requirements for implementing an information security management system (ISMS).

For example, the GDPR takes a broader view of what constitutes personal identification information. Companies will need the same level of protection for things like an individual’s IP address or cookie data as they do for name, social security number, and address.

GDPR Information Security Checklist

The GDPR checklist can help you guard your organization, protect your customers’ data, and avoid costly fines for non-compliance. It also helps to know some of the terminology and the basic structure of the law.

  • Conduct a data audit
  • Implement reasonable data security protections
  • Ensure that access controls are configured correctly
  • Ensure activity logs are created, maintained, and monitored
  • Implement a real-time detection and response solution
  • Ensure regular security scanning takes place
  • Conduct data protection impact assessments

What information is classed as sensitive under GDPR?

The following data is classed as sensitive under GDPR:

  • Political opinions
  • Ethnic or racial origin
  • Trade union membership
  • Genetic data
  • Biometric data
  • Religious or philosophical beliefs
  • Data concerning a natural person’s sex life or regarding health or sexual orientation

What type of information falls under GDPR?

GDPR covers data such as credit card numbers, email addresses, names, and dates of birth. It also covers political opinions, race, gender, and much more.

Article 4(15) of the EU General Data Protection Regulation defines data concerning health as:

“The personal data related to the mental or physical health of a person, including the terms of health care services, which unveil information about his or her health status.”

What are Data Protection Principles, and why do we need them?

Data protection is the process of safeguarding critical information from compromise, loss, or corruption.

The significance of data protection rises as the amount of data created and stored continues to grow at unprecedented rates. The fundamental principles of data protection are to safeguard data and keep it available under all conditions.

What are the 6 data protection principles of GDPR?

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality

How long should personal data be kept as per GDPR?

As per the General Data Protection Regulation (GDPR), personal data should not be kept any longer than is necessary for the purpose for which it is processed. Besides capacity, there is a limit on how long customer data may be kept. However, no specific time limit is set.


When in doubt, it’s always best to consult a specialist in the field, and that’s where NDZ comes in handy. Feel free to contact us at sales@ndz.co for more details, to enhance your knowledge of GDPR, and to clarify your doubts.