{"id":16779,"date":"2023-02-25T22:30:00","date_gmt":"2023-02-25T21:30:00","guid":{"rendered":"https:\/\/www.databack.fr\/non-categorise\/rgpd-pca-pra-the-challenges-of-data-recovery\/"},"modified":"2026-06-30T15:06:57","modified_gmt":"2026-06-30T13:06:57","slug":"rgpd-pca-pra-the-challenges-of-data-recovery","status":"publish","type":"post","link":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/","title":{"rendered":"RGPD, PCA\/PRA: The challenges of data recovery"},"content":{"rendered":"<p><img fetchpriority=\"high\" decoding=\"async\" class=\"aligncenter size-full wp-image-6045\" src=\"https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6.jpeg\" alt=\"issues-recovery-data\" width=\"600\" height=\"250\" srcset=\"https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6.jpeg 600w, https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6-300x125.jpeg 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/p>\n<p><em>Data recovery poses real challenges for businesses. The entry into force of the RGPD (General Data Protection Regulation) and the challenges of BCP\/ERP place it at the heart of Information Systems (IS) governance. And the very existence of the company may depend on it. <\/em><\/p>\n<h2>RGPD: legal obligations and data recovery<\/h2>\n<p><a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/FR\/TXT\/HTML\/?uri=CELEX:32016R0679\" target=\"_blank\" rel=\"noopener\">The <strong>RGPD<\/strong><\/a>, a European regulation on the protection of <strong>personal data<\/strong> with an effective date of May 25, 2018, is not a directive but does have the force of law! As such, the penalties incurred by the CNIL for infringement can amount to up to 20 million euros or 4% of the company&#8217;s turnover.<\/p>\n<p>The scope of the RGPD should not be underestimated: it considers <strong>personal data<\/strong> to be any information relating to a &#8220;natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (&#8230;).&#8221; (art. 4(1)). The smallest customer references, HR information, data associated with a digital badge, etc. are therefore personal data.<\/p>\n<p>In order to comply with the RGPD, companies must therefore take all necessary measures to secure the processing of <strong>personal data<\/strong>. This includes &#8220;protection against unauthorized or unlawful processing and against <strong>accidental<\/strong> <strong>loss<\/strong>, <strong>destruction<\/strong> or <strong>damage<\/strong>&#8221; (art. 5(1)(f)). Beyond data protection, the GDPR requires the company to implement &#8220;means to <strong>restore the availability of<\/strong> and access to personal <strong>data<\/strong> within an appropriate timeframe in the event of a physical or technical incident&#8221; (art. 32(1)(c)).<\/p>\n<h2>Data recovery at the heart of disaster recovery plans<\/h2>\n<p><strong>Data recovery<\/strong> is therefore by no means an anecdotal component of the RGPD. In addition to the provisions of Article 32, the RGPD enjoins companies to declare to the CNIL any incident involving a personal data breach. This mandatory declaration must, among other things, &#8220;describe the measures taken or proposed to be taken by the controller to remedy the personal data breach, including, where appropriate, measures to mitigate any negative consequences&#8221; (art. 33(3)(d)).<\/p>\n<p>Data confidentiality, integrity, availability and resilience as defined by the RGPD now influence a company&#8217;s <strong>risk management policy<\/strong>. They also condition the development of the <a href=\"https:\/\/www.databack.fr\/en\/blog\/data-recovery-pca-pra\/\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>BCP\/ERP<\/strong><\/a> (Plan de Continuit\u00e9 et Plan de Reprise d&#8217;Activit\u00e9) and, where applicable, <strong>PRI<\/strong> and <strong>PCI<\/strong> (Plan de Continuit\u00e9 et Plan de Reprise Informatique).<\/p>\n<p><strong>Data loss<\/strong> is in fact the most recurrent consequence of disasters that can affect a company. Since the aim of a BCP\/ERP is to enable the company to recover, or at least operate in degraded mode, in the event of a disaster, data availability remains a top priority. While it is naturally advisable to limit the impact on the company&#8217;s sales and brand image, it is now being drawn up with a view to limiting the legal impact.<\/p>\n\n\n<div class=\"wp-block-button aligncenter\"><a class=\"wp-block-button__link has-blanc-color has-orange-background-color has-text-color has-background wp-element-button\" href=\"https:\/\/www.databack.fr\/en\/free-quotation\/\">Get a free quote<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Data recovery poses real challenges for businesses. The entry into force of the RGPD (General Data Protection Regulation) and the challenges of BCP\/ERP place it at the heart of Information Systems (IS) governance. And the very existence of the company may depend on it. RGPD: legal obligations and data recovery The RGPD, a European regulation [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":14240,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_title":"The challenges of data recovery - DATABACK","_yoast_wpseo_metadesc":"Data recovery sits at the heart of IS governance. With GDPR and business-continuity stakes, it can decide whether a company survives a major incident.","footnotes":""},"categories":[133,69],"tags":[102],"ppma_author":[137,141],"class_list":["post-16779","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-data-recovery-en","tag-1-6-en","author-guillaume-coutand","author-guillaume-coutand-en"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The challenges of data recovery - DATABACK<\/title>\n<meta name=\"description\" content=\"Data recovery sits at the heart of IS governance. With GDPR and business-continuity stakes, it can decide whether a company survives a major incident.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The challenges of data recovery - DATABACK\" \/>\n<meta property=\"og:description\" content=\"Data recovery sits at the heart of IS governance. With GDPR and business-continuity stakes, it can decide whether a company survives a major incident.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/\" \/>\n<meta property=\"og:site_name\" content=\"Databack\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-25T21:30:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-30T13:06:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6-1.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"553\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Guillaume Coutand, Guillaume Coutand\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Guillaume Coutand\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The challenges of data recovery - DATABACK","description":"Data recovery sits at the heart of IS governance. With GDPR and business-continuity stakes, it can decide whether a company survives a major incident.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/","og_locale":"en_US","og_type":"article","og_title":"The challenges of data recovery - DATABACK","og_description":"Data recovery sits at the heart of IS governance. With GDPR and business-continuity stakes, it can decide whether a company survives a major incident.","og_url":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/","og_site_name":"Databack","article_published_time":"2023-02-25T21:30:00+00:00","article_modified_time":"2026-06-30T13:06:57+00:00","og_image":[{"width":800,"height":553,"url":"https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6-1.jpeg","type":"image\/jpeg"}],"author":"Guillaume Coutand, Guillaume Coutand","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Guillaume Coutand","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/#article","isPartOf":{"@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/"},"author":{"name":"Guillaume Coutand","@id":"https:\/\/www.databack.fr\/en\/#\/schema\/person\/b56bb0b56335f4949861901c4263bc9f"},"headline":"RGPD, PCA\/PRA: The challenges of data recovery","datePublished":"2023-02-25T21:30:00+00:00","dateModified":"2026-06-30T13:06:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/"},"wordCount":466,"publisher":{"@id":"https:\/\/www.databack.fr\/en\/#organization"},"image":{"@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/#primaryimage"},"thumbnailUrl":"https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6-1.jpeg","keywords":["1.6"],"articleSection":["BLOG","Data recovery"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/","url":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/","name":"The challenges of data recovery - DATABACK","isPartOf":{"@id":"https:\/\/www.databack.fr\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/#primaryimage"},"image":{"@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/#primaryimage"},"thumbnailUrl":"https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6-1.jpeg","datePublished":"2023-02-25T21:30:00+00:00","dateModified":"2026-06-30T13:06:57+00:00","description":"Data recovery sits at the heart of IS governance. With GDPR and business-continuity stakes, it can decide whether a company survives a major incident.","breadcrumb":{"@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/#primaryimage","url":"https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6-1.jpeg","contentUrl":"https:\/\/www.databack.fr\/wp-content\/uploads\/2018\/03\/1.6-1.jpeg","width":800,"height":553},{"@type":"BreadcrumbList","@id":"https:\/\/www.databack.fr\/en\/blog\/rgpd-pca-pra-the-challenges-of-data-recovery\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"R\u00e9cup\u00e9ration de donn\u00e9es","item":"https:\/\/www.databack.fr\/en\/home\/"},{"@type":"ListItem","position":2,"name":"RGPD, PCA\/PRA: The challenges of data recovery"}]},{"@type":"WebSite","@id":"https:\/\/www.databack.fr\/en\/#website","url":"https:\/\/www.databack.fr\/en\/","name":"Databack","description":"Laboratoire fran\u00e7ais de traitement de donn\u00e9es sensibles et volumineuses","publisher":{"@id":"https:\/\/www.databack.fr\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.databack.fr\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.databack.fr\/en\/#organization","name":"Datenabruf","url":"https:\/\/www.databack.fr\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.databack.fr\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.databack.fr\/wp-content\/uploads\/2025\/06\/favicon.png","contentUrl":"https:\/\/www.databack.fr\/wp-content\/uploads\/2025\/06\/favicon.png","width":512,"height":512,"caption":"Datenabruf"},"image":{"@id":"https:\/\/www.databack.fr\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.databack.fr\/en\/#\/schema\/person\/b56bb0b56335f4949861901c4263bc9f","name":"Guillaume Coutand","description":"Titulaire d\u2019un master en management entrepreneurial, Guillaume Coutand d\u00e9marre sa carri\u00e8re dans le conseil en strat\u00e9gie commerciale, aupr\u00e8s d\u2019acteurs de la grande distribution. Il rejoint ensuite un cabinet de conseil en cybers\u00e9curit\u00e9, o\u00f9 il d\u00e9veloppe les missions li\u00e9es \u00e0 la gouvernance des syst\u00e8mes d'information et \u00e0 la s\u00e9curit\u00e9 offensive. Il contribue \u00e9galement \u00e0 la structuration du p\u00f4le d\u00e9di\u00e9 \u00e0 la protection des syst\u00e8mes industriels. En 2020, il int\u00e8gre DATABACK pour piloter le d\u00e9veloppement des activit\u00e9s de r\u00e9cup\u00e9ration de donn\u00e9es, d'effacement s\u00e9curis\u00e9 et de traitement de la donn\u00e9e.","sameAs":["https:\/\/www.linkedin.com\/in\/guillaume-coutand-6b77372b"]}]}},"authors":[{"term_id":137,"user_id":9,"is_guest":0,"slug":"guillaume-coutand","display_name":"Guillaume Coutand","avatar_url":{"url":"https:\/\/www.databack.fr\/wp-content\/uploads\/2025\/06\/guillaume-databack.jpg","url2x":"https:\/\/www.databack.fr\/wp-content\/uploads\/2025\/06\/guillaume-databack.jpg"},"0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""},{"term_id":141,"user_id":0,"is_guest":1,"slug":"guillaume-coutand-en","display_name":"Guillaume Coutand","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/posts\/16779","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/comments?post=16779"}],"version-history":[{"count":1,"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/posts\/16779\/revisions"}],"predecessor-version":[{"id":19108,"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/posts\/16779\/revisions\/19108"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/media\/14240"}],"wp:attachment":[{"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/media?parent=16779"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/categories?post=16779"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/tags?post=16779"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.databack.fr\/en\/wp-json\/wp\/v2\/ppma_author?post=16779"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}