[Registruotis vizitui] Self‑Service      Contacts      Neįgaliųjų versija      LT  |  EN
RC logotype

Property and Encumbrances Legal Entities Adresses Population
Home / Personal data protection

Security measures and personal data breaches management


In order to ensure the security of processed personal data, the state enterprise Center of Registers implements organizational and technical security measures. Organizational measures include data security policies and procedures, roles and responsibilities, access management, resource and asset management, requirements for service providers (data processors), management of personal data breaches and incidents, business continuity, confidentiality obligations, trainings, etc. Technical measures include access control and authentication, log records and monitoring, service station and database security, workstation security, network and communication security, backups, mobile and portable devices, software security, data disposal, physical security, etc.
   
The Center of Registers has designated data protection officers to monitor compliance with the provisions of the General Data Protection Regulation and take action to ensure compliance. Also there are appointed security commissioners who coordinate the implementation of the security policy, organize and carry out risk and compliance assessments, coordinate the investigation of cyber security incidents and other security-related functions. Cyber Security Unit in the Centre of Registers performs functions related to identifying vulnerabilities in registers and information systems, identifying and monitoring security compliance, responding to cyber security incidents. The helpdesk in the Center of Registers operates in 7x24 mode to ensure effective management of cyber incidents and electronic information security incidents.
 
 
All personal data breaches in the Center of Registers are registered and assessed. If data breach has impact on rights and freedoms of natural persons, the personal data breach is notified to the supervisory authority no later than 72 hours after having become aware of it. When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the personal data breach is communicated to the data subject without undue delay.
The Center of Registers immediately takes steps to correct personal data breaches as soon as possible, eliminate consequences, take all measures to reduce or eliminate the risk of harm to the rights and freedoms of data subjects and to prevent future violations.
 
 
 


 Back  Page top