5 notable examples of fines for non-compliance with Art 32 of GDPR
Article 32 of the General Data Protection Regulation (GDPR) lays down the obligation for controllers to implement technical and organizational measures with regard to the processing of personal data in such a way as to ensure a level of security appropriate to the risks associated with the processing and the nature of the personal data involved. These measures must ensure the confidentiality, integrity and availability of the data, as they would say, the holy trinity in information security or CIA.