The NTMA as Data Processor for HBFI, provides various supports to HBFI and has a suite of Information Security Policies and Procedures which are designed to ensure that appropriate technical and organisational measures are in place to protect information. They are overseen by an IT Security Committee and apply to all HBFI staff. These measures protect Personal Data from unlawful or unauthorised destruction, loss, change, disclosure, acquisition or access. Personal Data is held securely using a range of security measures including, as appropriate, physical measures such as locked filing cabinets, IT measures such as encryption, and restricted access through approvals and passwords.
Articles 33 and 34 of the GDPR obliges Data Controllers to notify the Data Protection Commission and affected Data Subjects in the case of certain types of Personal Data security breaches. HBFI has implemented a Personal Data Breach Procedure and we will manage a Data Breach in accordance with this procedure.