Explore European Union Legislation by Asking a Legal Question
assisted-checkbox
filter-instruction-1
positive-filters
negative-filters
act-filter tabs-all
parameters-title
query
assisted-checkbox: ✅
result-title
total 2
Regulation (EU) 2024/982 of the European Parliament and of the Council of 13 March 2024 on the automated search and exchange of data for police cooperation, and amending Council Decisions 2008/615/JHA and 2008/616/JHA and Regulations (EU) 2018/1726, (EU) No 2019/817 and (EU) 2019/818 of the European Parliament and of the Council (the Prüm II Regulation) article 53 CELEX: 32024R0982 Security of processing
1. The Member States’ competent authorities, eu-LISA and Europol shall ensure the security of the processing of personal data under this Regulation. The Member States’ competent authorities, eu-LISA and Europol shall cooperate on security-related tasks. 2. Without prejudice to Article 33 of Regulation (EU) 2018/1725 and Article 32 of Regulation (EU) 2016/794, eu-LISA and Europol shall take the necessary measures to ensure the security of the router and EPRIS, respectively, and of their related communication infrastructure. |
Regulation (EU) 2024/982 of the European Parliament and of the Council of 13 March 2024 on the automated search and exchange of data for police cooperation, and amending Council Decisions 2008/615/JHA and 2008/616/JHA and Regulations (EU) 2018/1726, (EU) No 2019/817 and (EU) 2019/818 of the European Parliament and of the Council (the Prüm II Regulation) article 53 CELEX: 32024R0982 3. eu-LISA shall adopt the necessary measures concerning the router, and Europol shall adopt the necessary measures concerning EPRIS, in order to: (a) physically protect data, including by making contingency plans for the protection of critical infrastructure; (b) deny unauthorised persons access to data-processing equipment and installations; (c) prevent the unauthorised reading, copying, modification or removal of data media; (d) prevent the unauthorised input of data and the unauthorised inspection, modification or deletion of recorded personal data; (e) prevent the unauthorised processing of data and any unauthorised copying, modification or deletion of data; (f) prevent the use of automated data-processing systems by unauthorised persons using data communication equipment; (g) ensure, by means of individual user identities and confidential access modes only, that persons authorised to access the router or EPRIS, as applicable, have access only to the data covered by their access authorisation; (h) ensure that it is possible to verify and establish to which bodies personal data can be supplied using data communication equipment; (i) ensure that it is possible to verify and establish which data have been processed in the router or EPRIS, as applicable, and when, by whom and for what purpose they have been processed; (j) prevent the unauthorised reading, copying, modification or deletion of personal data during the transmission of personal data to or from the router or EPRIS, as applicable, or during the transport of data media, in particular by means of appropriate encryption techniques; (k) ensure that, in the event of interruption, installed systems can be restored to normal operation; (l) ensure reliability by making sure that any faults in the functioning of the router or EPRIS, as applicable, are properly reported; (m) monitor the effectiveness of the security measures referred to in this paragraph and take the necessary organisational measures related to internal monitoring to ensure compliance with this Regulation and to assess those security measures in the light of new technological developments. The necessary measures referred to in the first subparagraph shall include a security plan, a business continuity plan and a disaster recovery plan. |