{"id":2594,"date":"2017-08-03T17:56:09","date_gmt":"2017-08-03T16:56:09","guid":{"rendered":"http:\/\/mouillere.com\/universconvergents\/?p=2594"},"modified":"2017-08-03T17:56:09","modified_gmt":"2017-08-03T16:56:09","slug":"fonctionnalites-dun-service-de-stockage-conforme-au-rgdp","status":"publish","type":"post","link":"https:\/\/mouillere.com\/universconvergents\/2017\/08\/03\/fonctionnalites-dun-service-de-stockage-conforme-au-rgdp\/","title":{"rendered":"Fonctionnalit\u00e9s d&#8217;un service de stockage conforme au RGDP"},"content":{"rendered":"<p>LES ECHOS consacre un article relatif aux nouvelles obligations de s\u00e9curit\u00e9 et contractuelles qu&#8217;impose le RGDP aux responsables du traitement amen\u00e9es \u00e0 traiter avec des fournisseurs de services cloud et des fournisseurs de technologie de protection des donn\u00e9es (sous-traitants).<\/p>\n<p><!--more--><\/p>\n<ul>\n<li>Les fournisseurs de services cloud doivent apporter des garanties suffisantes pour que le service soit conforme aux exigences techniques et organisationnelles du nouveau r\u00e8glement;<\/li>\n<li>Les contrats de service entre le responsable du traitement et le sous-traitant interdisent le recours \u00e0 d&#8217;autres sous-traitants sans le consentement pr\u00e9alable du responsable du traitement;<\/li>\n<li>\u00c0 l&#8217;expiration du contrat de service, toutes les donn\u00e9es doivent \u00eatre supprim\u00e9es du cloud et le sous-traitant doit apporter les preuves suffisantes que c&#8217;est bien le cas;<\/li>\n<li>Les responsables du traitement ont l&#8217;obligation de rendre compte de tout incident de fuite de donn\u00e9es \u00e0 l&#8217;autorit\u00e9 r\u00e9glementaire.<\/li>\n<\/ul>\n<p>Les fonctionnalit\u00e9s du service doivent donc permettre de controler :<\/p>\n<ul>\n<li>le lieu de stockage : o\u00f9 les donn\u00e9es sont stock\u00e9es, sur site ou dans un datacenter sp\u00e9cifique bas\u00e9 en Europe;<\/li>\n<li>le chiffrement des donn\u00e9es au repos, en transit et dans le cloud;<\/li>\n<li>la recherche de donn\u00e9es dans les sauvegardes;<\/li>\n<li>la modification des donn\u00e9es personnelles;<\/li>\n<li>l&#8217;exportation des donn\u00e9es dans un format courant facile \u00e0 utiliser;<\/li>\n<li>la restauration rapide des donn\u00e9es en cas d&#8217;incident (incendie, attaque informatique,<\/li>\n<li>la protection contre les attaques de ransomware pour \u00e9viter les fuites de donn\u00e9es avec une solution int\u00e9grant une protection qui d\u00e9tecte et bloque les attaques de ransomware et restaure instantan\u00e9ment les donn\u00e9es affect\u00e9es;<\/li>\n<li>la certification des donn\u00e9es comme par exemple via la blockchain qui permet de produire une preuve inalt\u00e9rable de l&#8217;int\u00e9grit\u00e9 des donn\u00e9es.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.lesechos.fr\/idees-debats\/cercle\/cercle-172384-gdpr-quelles-fonctionnalites-rechercher-dans-votre-solution-de-stockage-de-donnees-2104941.php\" target=\"_blank\" rel=\"noopener\">https:\/\/www.lesechos.fr\/idees-debats\/cercle\/cercle-172384-gdpr-quelles-fonctionnalites-rechercher-dans-votre-solution-de-stockage-de-donnees-2104941.php<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>LES ECHOS consacre un article relatif aux nouvelles obligations de s\u00e9curit\u00e9 et contractuelles qu&#8217;impose le RGDP aux responsables du traitement amen\u00e9es \u00e0 traiter avec des fournisseurs de services cloud et&hellip; <\/p>\n","protected":false},"author":1,"featured_media":193,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[16],"tags":[65],"class_list":["post-2594","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-donnees-personnelles","tag-rgpd"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2015\/06\/Unknown-2.jpeg?fit=298%2C169&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6jw1p-FQ","jetpack-related-posts":[{"id":2475,"url":"https:\/\/mouillere.com\/universconvergents\/2017\/06\/05\/les-entreprises-seront-elles-en-conformite-avec-le-rgdp-en-mai-2018\/","url_meta":{"origin":2594,"position":0},"title":"Les entreprises seront-elles en conformit\u00e9 avec le RGDP en mai 2018 ?","author":"Fred","date":"5 juin 2017","format":false,"excerpt":"Le 25 mai 2018, les entreprises europ\u00e9ennes devront appliquer le RGDP et s\u2019assurer de la s\u00e9curisation des donn\u00e9es. Elles seront enti\u00e8rement responsables de la cha\u00eene de traitement des donn\u00e9es et devront s\u2019assurer des garanties apport\u00e9es par les sous-traitants et fournisseurs. Les entreprises de plus de 250 salari\u00e9s devront tenir un\u2026","rel":"","context":"Dans &quot;Donn\u00e9es personnelles&quot;","block_context":{"text":"Donn\u00e9es personnelles","link":"https:\/\/mouillere.com\/universconvergents\/category\/it\/donnees-personnelles\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/06\/34042190.jpg?fit=354%2C397&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":2388,"url":"https:\/\/mouillere.com\/universconvergents\/2017\/05\/18\/le-nouveau-data-protection-officer-dpo\/","url_meta":{"origin":2594,"position":1},"title":"Le nouveau Data Protection Officer (DPO)","author":"Fred","date":"18 mai 2017","format":false,"excerpt":"Le\u00a0R\u00e8glement du 27 avril 2016 relatif \u00e0 la protection des personnes physiques \u00e0 l\u2019\u00e9gard du traitement des donn\u00e9es \u00e0 caract\u00e8re personnel et \u00e0 la libre circulation de ces donn\u00e9es (\u00ab RGDP \u00bb) a cr\u00e9\u00e9 le DPO charg\u00e9\u00a0d'assurer un r\u00f4le d\u2019interm\u00e9diaire entre\u00a0les\u00a0entreprises et la CNIL. Le DPO va devenir obligatoire d'ici\u2026","rel":"","context":"Dans &quot;Donn\u00e9es personnelles&quot;","block_context":{"text":"Donn\u00e9es personnelles","link":"https:\/\/mouillere.com\/universconvergents\/category\/it\/donnees-personnelles\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/05\/GDPR-en.png?fit=1101%2C560&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/05\/GDPR-en.png?fit=1101%2C560&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/05\/GDPR-en.png?fit=1101%2C560&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/05\/GDPR-en.png?fit=1101%2C560&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/05\/GDPR-en.png?fit=1101%2C560&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":2529,"url":"https:\/\/mouillere.com\/universconvergents\/2017\/06\/10\/data-privacy-officer-dpo\/","url_meta":{"origin":2594,"position":2},"title":"Data Privacy Officer (DPO)","author":"Fred","date":"10 juin 2017","format":false,"excerpt":"L\u2019article 37 du r\u00e8glement europ\u00e9en 2016\/679 du 27 avril 2016 (RGDP) contraint certains responsables de traitement de d\u00e9signer un D\u00e9l\u00e9gu\u00e9 \u00e0 la protection des donn\u00e9es (DPO) aupr\u00e8s des autorit\u00e9s de contr\u00f4le (la CNIL en France).\u00a0Les responsables de traitement et les sous-traitants devront d\u00e9signer un DPO s\u2019ils appartiennent au secteur public,\u2026","rel":"","context":"Dans &quot;Donn\u00e9es personnelles&quot;","block_context":{"text":"Donn\u00e9es personnelles","link":"https:\/\/mouillere.com\/universconvergents\/category\/it\/donnees-personnelles\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/06\/role-of-the-data-protection-officer-18-638.jpg?fit=638%2C479&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/06\/role-of-the-data-protection-officer-18-638.jpg?fit=638%2C479&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2017\/06\/role-of-the-data-protection-officer-18-638.jpg?fit=638%2C479&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":3122,"url":"https:\/\/mouillere.com\/universconvergents\/2019\/10\/15\/guide-pratique-de-sensibilisation-au-rgpd-pour-les-tpe-pme\/","url_meta":{"origin":2594,"position":3},"title":"Guide pratique de sensibilisation au RGPD pour les TPE-PME","author":"Fred","date":"15 octobre 2019","format":false,"excerpt":"La CNIL et Bpifrance ont publi\u00e9 un guide pratique de sensibilisation au RGPD pour les TPE-PME. Depuis le 25 mai 2018, les entreprises doivent: recueillir le consentement de leurs clients si leurs donn\u00e9es font l\u2019objet d\u2019un traitement ; informer leurs clients de leur droit d'acc\u00e8s, de modification et de suppression\u2026","rel":"","context":"Dans &quot;Donn\u00e9es personnelles&quot;","block_context":{"text":"Donn\u00e9es personnelles","link":"https:\/\/mouillere.com\/universconvergents\/category\/it\/donnees-personnelles\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2960,"url":"https:\/\/mouillere.com\/universconvergents\/2019\/03\/15\/rgpd-eba-et-externalisation\/","url_meta":{"origin":2594,"position":4},"title":"RGPD, EBA et externalisation","author":"Fred","date":"15 mars 2019","format":false,"excerpt":"Le pertinent cabinet d\u2019avocats Lexing Alain Bensoussan Avocats a \u00e9mis ses recommandations pour rationaliser les proc\u00e9dures et couts relatifs aux exigences de l\u2019Autorit\u00e9 bancaire europ\u00e9enne (EBA) et \u00e0 celles du RGPD. En effet, l\u2019EBA a rendu public le 25 f\u00e9vrier 2019 les conclusions de sa consultation lanc\u00e9e en juin 2018\u2026","rel":"","context":"Dans &quot;Banking &amp; Payment&quot;","block_context":{"text":"Banking &amp; Payment","link":"https:\/\/mouillere.com\/universconvergents\/category\/it\/banking-payment\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2019\/03\/1280px-European_Banking_Authority_svg.png?fit=1200%2C470&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2019\/03\/1280px-European_Banking_Authority_svg.png?fit=1200%2C470&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2019\/03\/1280px-European_Banking_Authority_svg.png?fit=1200%2C470&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2019\/03\/1280px-European_Banking_Authority_svg.png?fit=1200%2C470&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2019\/03\/1280px-European_Banking_Authority_svg.png?fit=1200%2C470&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":3544,"url":"https:\/\/mouillere.com\/universconvergents\/2020\/01\/14\/rgpd-laccountability-concretement-cest-quoi\/","url_meta":{"origin":2594,"position":5},"title":"RGPD : l&#8217;accountability, concr\u00e8tement, c&#8217;est quoi ?","author":"Fred","date":"14 janvier 2020","format":false,"excerpt":"Le Village de la Justice consacre un article listant les documents devant composer le dossier de conformit\u00e9\u00a0 selon le principe d'accountability de l\u2019article 5 du RGPD qui impose aux entreprises de mettre en \u0153uvre des m\u00e9canismes et des proc\u00e9dures internes permettant de d\u00e9montrer \u00e0 tout moment le respect des r\u00e8gles\u2026","rel":"","context":"Dans &quot;Donn\u00e9es personnelles&quot;","block_context":{"text":"Donn\u00e9es personnelles","link":"https:\/\/mouillere.com\/universconvergents\/category\/it\/donnees-personnelles\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2020\/01\/accountability.png?fit=670%2C395&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2020\/01\/accountability.png?fit=670%2C395&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/mouillere.com\/universconvergents\/wp-content\/uploads\/2020\/01\/accountability.png?fit=670%2C395&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/posts\/2594","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/comments?post=2594"}],"version-history":[{"count":1,"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/posts\/2594\/revisions"}],"predecessor-version":[{"id":2595,"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/posts\/2594\/revisions\/2595"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/media\/193"}],"wp:attachment":[{"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/media?parent=2594"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/categories?post=2594"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mouillere.com\/universconvergents\/wp-json\/wp\/v2\/tags?post=2594"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}