Jusletter IT

Information security and data protection are concepts that are generally hard to concile. The more monitoring is provided, the better the security. But, ideally, data protection implies no processing of personal data at all. A business security concept inevitably requires the processing of personal data, and the GDPR itself also demands security measures. ISO/IEC 27001 is an international standard describing a security management system. The GDPR describes an identical system. This standard allows common considerations of data protection and information security. (ah)