Skip to Main content Skip to Navigation
Journal articles

Sécurité et hygiène numérique des professionnels

Abstract : The obligation to ensure the security of personal data is old, since it was already included in the very first “informatics and freedom” act of 1978. The verification of compliance to it is carried out within the framework of a proportionality analysis between the means implemented by the data controller and its subcontractors, and the state of the art. The latter is assessed with respect to the information available within the communities of practice (reports, analysis methodologies, etc.) and to the texts issued by the regulators (baselines, model regulations, etc.). By bringing out the principle of co-responsibility between the data controller and its subcontractors, the 2016 General Data Protection Regulation aims at empowering all stakeholders involved in the processing of personal data. It imposes an enhanced due diligence requirment, characterized by the need to document upstream their strategy to achieve compliance. A sufficient level of security in digital environments cannot be achieved without educating all organization personnel in digital hygiene, a body of knowledge and sound practices designed to limit the occurrence of incidents. The security of personal data is a dynamic process, the procedures of which must be constantly reassessed in the light of evolving threats.
Document type :
Journal articles
Complete list of metadata
Contributor : François Pellegrini Connect in order to contact the contributor
Submitted on : Monday, April 29, 2019 - 1:26:37 AM
Last modification on : Friday, January 21, 2022 - 3:11:49 AM


Files produced by the author(s)


  • HAL Id : hal-02113563, version 1



François Pellegrini. Sécurité et hygiène numérique des professionnels. Dalloz IP/IT, Dalloz, 2019, pp.233-236. ⟨hal-02113563⟩



Les métriques sont temporairement indisponibles