As in the Regulation itself, compliance with the obligations imposed by the Law is not evident, leaving the implementation of security measures to the discretion of those responsible and in charge, based on the principle of responsibility.
The use of the methodology and LEET Security's own rating provide an efficient way to demonstrate due diligence when protecting personal information, providing a unique way to fulfill your obligations. This will allow you to:
- Apply appropriate technical and organizational measures to guarantee a level of security appropriate to the risk.
What are those appropriate measures? You can use for this the control framework provided by our rating methodology, which is based on best practices and international standards.
- Guarantee and be able to demonstrate that the treatment is in accordance with the Regulations and the Law.
The cybersecurity stamp allows you to demonstrate the effective implementation of the corresponding measures, since it shows that they have been audited and verified by an independent professional entity.
- Require to the providers (managers) to comply with the appropriate measures.
It is not enough to state it in the contract, but you must make sure of it. How to carry out this supervision without becoming a provider auditor? The requirement for the qualification of outsourced services guarantees that these have already been audited by the Agency. In addition, it makes it easier for the providers themselves to be able to demonstrate, to all clients of the same services, the level of protection applied.
To learn more about how we can help you meet your obligations, please contact us.