Question ID: DORA 191 - 3205
Regulation Reference: (EU) 2022/2554 - Digital Operational Resilience Act (DORA)
Topic: Digital operational resilience testing (DORA), Other DORA topics
Article: N/A
Status: Rejected
Date of submission: 11 Dec 2024
Question
We are specialized in providing collaboration solutions (Voip, Video and Chat) for public sector and banking sector within the EU. with the DORE regulation we have been approached by almost all of our customers seeking a new solution to satisfy the DORE requirements in regards to the data being generated by the collaboration systems how it should be handled and which kind of this data is under the DORA regaultion and which is not.
Background of the question
In regards to the ICT data generated by collaboration solutions from different vendors there have been no clear clarification from all the current available DORA resources of how this data should be handled, specially that such technologies as the Voip, Video confirmation and messages application do have high level of personal GDPN data of the users. so we would like to have some further clarification in specifically to the collaboration data
EIOPA answer
The question has been rejected because it seeks bespoke advice.