The principle of data security (Art. 8 FDPA) refers to the actual protection of data through technical and organisational measures. These measures ensure the confidentiality, availability, integrity and authenticity of the data, as well as the traceability of data processing. The principle of proportionality also applies here, and the measures must correspond to the state of the art. The more sensitive the data to be protected, the higher the requirements for data protection. Since humans are often the weakest link in the data protection chain, organisational measures are just as important as technical measures. The traceability of data processing requires appropriate logging. Both of these are also key points in the new EU General Data Protection Regulation, which is explained below.