Products

Data Mapping

Visibility for data governance.

Privacy Requests

Privacy requests, automated.

Consent

Better site consent. No tradeoffs.

Assessments

Mitigate data processing risk.

Technologies

Integrations

Complete systems coverage

Security

Designed to eliminate risks

By Industry

Consumer

Healthcare

Fintech

Media

B2B

By Regulation

CPRA

CCPA

GDPR

Colorado Privacy Act

Virginia CDPA

Gramm Leach Bliley Act

HIPAA

China's PIPL

Brazil's LGPD

By Use Case

Know Your Data

In-App Deletion

Do Not Sell or Share

CPRA Compliance

By Strategy

Handling Scale

Reducing Risk

Improving Performance

Saving Resources

Future-proofing

General Resources

Blog

Customers

Case studies

Community

Privacy glossary

Privacy newsletter

Data mapping cost calculator

All resources

For Developers

Technical docs

Open source

Tech talks

Company

About Us

Press

Careers

Contact Us

DocsLog In
Get a demo

Products

Data Mapping

Visibility for data governance.

Privacy Requests

Privacy requests, automated.

Consent

Better site consent. No tradeoffs.

Assessments

Mitigate data processing risk.

Technologies

Integrations

Complete systems coverage

Security

Designed to eliminate risks

By Industry

Consumer

Healthcare

Fintech

Media

B2B

By Regulation

CPRA

CCPA

GDPR

Colorado Privacy Act

Virginia CDPA

Gramm Leach Bliley Act

HIPAA

China's PIPL

Brazil's LGPD

By Use Case

Know Your Data

In-App Deletion

Do Not Sell or Share

CPRA Compliance

By Strategy

Handling Scale

Reducing Risk

Improving Performance

Saving Resources

Future-proofing

General Resources

Blog

Customers

Case studies

Community

Privacy glossary

Privacy newsletter

Data mapping cost calculator

All resources

For Developers

Technical docs

Open source

Tech talks

Company

About Us

Press

Careers

Contact Us

DocsLog In
Get a demo
Glossary Page

Article 32

Table of contents

Article 28Article 30Article 6 Article 9Authorized AgentsCalifornia Consumer Privacy Act (CCPA)California Privacy Protection Agency (CPPA)California Privacy Rights Act (CPRA)Colorado Privacy Act (CPA)Consent Dark PatternsData ControllerData MappingData ProcessorData SubjectData Subject Access RequestDo Not TrackDo not sell/Do not share Facebook Limited Data Use (LDU)GDPR Personal DataGDPR PrinciplesGDPR RightsGeneral Data Protection Regulation (GDPR)Global Privacy Control (GPC)Gramm-Leach-Bliley ActHIPAALGDP (Brazil's Privacy Law)Personally Identifiable Information (PII)PseudonymizationRecord of Processing Activities (ROPA)Schrems IITracking CookiesUtah Consumer Privacy Act (UCPA)Verifiable Consumer Request (VCR)Virginia Consumer Data Protection Act (VCDPA)

Article 32 requires that data controllers and data processors secure consumer data using the “appropriate technical and organizational measures.”

Recommended security practices include:

  • Encrypting and anonymising personal data
  • Keeping processing systems and services confidential and available
  • Taking steps to maintain system resiliency and integrity
  • If an incident occurs, ensuring personal data access can be restored as soon as possible
  • Implementing a process for security evaluation

In short, businesses under the GDPR are expected to ensure security for any personal data they process and Article 32 outlines specific guidelines for what's required.

Additional resources

Article 30

Read more

Article 28

Read more

Article 6

Read more

Sign up for Snippets

Bite sized privacy. Get our weekly newsletter on privacy and technology.

By clicking "Sign Up" you agree to the processing of your personal data by Transcend as described in our Data Practices and Privacy Policy. You can unsubscribe at any time.

San Francisco, California

Copyright © 2023 Transcend, Inc.

Our Privacy Center
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.