UK: Information Commissioner Publishes Guidance on Encryption and Passwords in Online Services

On November 1, 2018, the Information Commissioner’s Office (ICO) released guidelines in relation to the technical and organisational measures that organisations must implement to be compliant with the security principal under Article 5(1)(f) of the General Data Protection Regulation (GDPR). The text of the GDPR makes specific reference to encryption, as an example of technical measures in Article 32 of the GDPR.

Described as "a mathematical function that encodes data in such a way that only authorised users can access it", encryption can prove beneficial to safeguard data in many use cases, such as for storage and transfers of personal data.

To continue reading please log in or request a demo to speak to a member of the team.