When you do business with a organization, you do more than simply exchange money for a product or service, with that flexibility come security risks associated with intellectual property and organization data. And also, the processing of akin special categories are restricted by further safeguards to give extra protection to the privacy of data subjects.
Formerly known as sensitive personal data, now known under GDPR as special categories of personal data, organization may need to protect many types of sensitive information for business and, or legal purposes, by the same token, society also places a high value on individual autonomy, and one way to respect persons and enhance individual autonomy is to ensure that people can make the choice about when, and whether, personal information (particularly sensitive information) can be shared with others.
Customer data needs to be protected, and data security needs to become one of the top priorities for your business, sensitive data, or, as the GDPR calls it, special categories of personal data is a category of personal data that is especially protected and in general, cannot be processed, one may wish to waive the protection if it is determined that the costs of redaction outweigh the benefits to privacy.
GISF is valued and expected in any situation where sensitive information is accessed or shared.
Want to check how your GISF Processes are performing? You don’t know what you don’t know. Find out with our GISF Self Assessment Toolkit: