Security measures regarding information processed by operator

Security measures regarding information processed by operator

21. (1) A responsible party must, in terms of a written contract between the responsible party and the operator, ensure that the operator which processes personal
information for the responsible party establishes and maintains the security measures referred to in section 19.

(2) The operator must notify the responsible party immediately where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person.

Please follow and like us:

© 2022. Information Regulator South Africa / Terms and Conditions