On March 21, the European Data Protection Supervisor ("EDPS") released guidance on information security risk management, which issues recommendations on how European institutions can enforce and enhance a secure digital environment. The guidance accounts for the General Data Protection Regulation recently approved by the EU and includes a multidisciplinary assessment that covers several functions within an organization, such as Data Protection Officer and Information Technology.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.