The ICO exists to empower you through information.

You must ensure that you have appropriate security measures in place to protect the personal data you hold.

This is the ‘integrity and confidentiality’ principle of the GDPR – also known as the security principle.

For more information, see security.