导航
GDPR > Recital 77
下载PDF

Recital 77

Recital 77

(77) 有關執行適當措施與有關控管者或處理者所應遵守規範之指導 原則(尤其是有關資料處理所涉及之風險的識別,對於其來源、本質、 可能性與嚴重性、以及降低風險之最佳方法),得被以特別是下列方 式提供,亦即得以經核准之行為守則、經核准之認證、委員會提供指 導原則或資料保護員之指示等方式提供。委員會亦得頒布較不可能導 致對於權利或自由有高風險之處理活動的指導原則,並指出何種措施 足以解決此等風險。

(77) Guidance on the implementation of appropriate measures and on the demonstration of compliance by the controller or the processor, especially as regards the identification of the risk related to the processing, their assessment in terms of origin, nature, likelihood and severity, and the identification of best practices to mitigate the risk, could be provided in particular by means of approved codes of conduct, approved certifications, guidelines provided by the Board or indications provided by a data protection officer.

The Board may also issue guidelines on processing operations that are considered to be unlikely to result in a high risk to the rights and freedoms of natural persons and indicate what measures may be sufficient in such cases to address such risk.