Encryption

Controls Management | ProvePrivacy | Article Image 5

Encryption is the process of encoding a message or information in such a way that only authorised parties can access it and those who are not authorised cannot.   Authorisation is often provided in the form of an alphanumerical decryption key, which can be of different lengths, often measured in ‘bits’.  A 256 bit encryption key is often considered to be robust. 

Encryption denies the intelligible content to an unauthorised individual, but in principle it is possible to decrypt the message without possessing the key.  Therefore encrypted data, like pseudonymised data is still considered to be in scope of GDPR but is again considered to be a good ‘technical or organisational measure’.

This article can be read in conjunction with the anonymisation & pseudonymisation articles

Manage personal data and privacy risks

Suggested reading

You might also like

Scroll to Top

Contact us

If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.

See our Privacy Statement for more details.

Get expert tips and business insights