Threat D.GDPR.NDFHuoO.1

URI: D.GDPR.NDFHuoO.1

Package: GDPR

Description: Nationally regulated personal data Data is transferred across borders: since Data related to DataSubject is subject to national regulations even under the GDPR, it should not be transferred by process FlowsFrom in jurisdiction Jurisdiction to process Process operating in jurisdiction RemoteJurisdiction without suitable analysis of the national regulations in both jurisdictions.

Threat Type: Primary Threat

Matching Pattern:

MP-NDFHuoO

Finds nationally regulated personal data being transferred across a border to a process that optionally has an operator organisation.

(empty)

CSG-GDPRAtSourceJurisdiction

(empty)

CSG-GDPRDataFlowGovernance	The flow of data *Data* between *FlowsFrom* and *Process* has been analysed by legal experts and found to be compliant with the GDPR.
CSG-GDPRSuspendDataFlow	The flow of data *Data* from *FlowsFrom* to *Process* can be temporarily disabled by the manager *Human1* of *FlowsFrom* to prevent a breach of GDPR regulations by its transmission to *Process*. This strategy represents a contingency plan, which can be used to prevent such a breach, but it may also trigger other threats representing possible side effects.
CSG-GDPRSuspendDataFlow-Implementation-Runtime	The flow of data *Data* from *FlowsFrom* to *Process* has been disabled by *Human1* to prevent a breach of the GDPR. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user *Human1* who is responsible for managing the service *FlowsFrom*.

Threat D.GDPR.NDFHuoO.1

MP-NDFHuoO

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (1)

Misbehaviour Sets (0)

Control Strategies (3)