Online Platform for Security of Personal Data Processing
This report presents the focus and main functionalities of the ENISA’s online platform for the security of personal data processing. This platform is only one tool, which cannot replace the need of a greater compliance and accountability framework…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
Engineering Personal Data Protection in EU Data Spaces
Common European data spaces (EU data spaces) are a novel concept introduced in the European strategy for data and elaborated further within the Data Governance Act (DGA). This report attempts to contextualise the main design principles regarding…
Engineering Personal Data Sharing
This report attempts to look closer at specific use cases relating to personal data sharing, primarily in the health sector, and discusses how specific technologies and considerations of implementation can support the meeting of specific data…
Securing personal data in the context of data retention
Data retention legislation has been adopted to address concerns related to national security and serious criminal activity. The legislation provides access to communication data for law enforcement purposes. However, according to the Data Retention…
Privacy and Security in Personal Data Clouds
The main objective of this study is to identify the different architectures and components of Personal Data Clouds (PDCs) and discuss their privacy and security challenges. Based on an empirical analysis of various applications that fall under, or…
Recommended cryptographic measures - Securing personal data
This document addresses the protection measures applied to safeguard sensitive and/or personal data, which has been acquired legitimately by a data controller. In this respect it discusses how information technology users, who have a basic knowledge…
Handbook on Security of Personal Data Processing
The overall scope of the report is to provide practical demonstrations and interpretation of the methodological steps of the ENISA’s 2016 guidelines for SMEs on the security of personal data processing. This is performed through specific use cases…
Recommendations for a methodology of the assessment of severity of personal data breaches
The European Union Agency for Network and Information Security (ENISA) reviewed the existing measures and the procedures in EU Member States with regard to personal data breaches and published in 2011 a study on the technical implementation of the…
Privacy by design in big data
The extensive collection and further processing of personal information in the context of big data analytics has given rise to serious privacy concerns, especially relating to wide scale electronic surveillance, profiling, and disclosure of private…