CNPD Guideline on organizational and security measures

Portugal

Portuguese National Commission for Data Protection (CNPD) issued several guidelines for data controllers and processors

CNPD Guideline on organizational and security measures

View document

January 30, 2023

Joana Mota Agostinho

Key aspects

The National Commission for Data Protection (CNPD) approved its first guideline (Guideline) for 2023 on organizational and security measures for personal data processing.

The Guideline has been issued in response to increasing attacks on information systems, particularly during 2022,that due to its magnitude and complexity have impacted personal data.

The attacks are mainly due to (i) infrastructural weaknesses; (ii) users not being trained to detect phishing campaigns; and (iii) data controllers’ lack of awareness of the risks to data subjects' rights, caused by the lack of investment in security mechanisms.

View document

January 30, 2023

Joana Mota Agostinho

In the news

Legal developments

Spain

10.03.2023

Developments in mandatory electronic invoicing for B2B transactions

Meritxell Yus ACI | Área de Conocimiento e Innovación

Legal developments

Portugal

07.03.2023

Law 10/2023 of March 3

Sónia Queiróz Vaz

Legal developments

International

10.02.2023

2022 Year in Review China offices

Pablo Cubel Omar Puertas Sandra Costas

Legal developments

Spain

31.01.2023

What to expect in 2023: Key legal issues for companies

ACI | Área de Conocimiento e Innovación

Legal developments

International

23.01.2023

Keys to the new EU Digital Markets Regulation

Irene Moreno-Tapia Ander Romay

Legal developments

Portugal

23.01.2023

What to expect in 2023? Key points for companies

ACI | Área de Conocimiento e Innovación

Legal developments

Portugal

02.01.2023

Using video surveillance footage as evidence in disciplinary proceedings

Sónia Queiróz Vaz Rui Vaz Pereira Cátia Muchacho

More details