Data quality, data latency and data protection requirements referred to in Article 5(4)(b) and Article 7(5)(c)

Implementing Regulation (EU) 2021/664

A. In order to meet the data quality requirements, providers of common information services and U-space service providers shall ensure that:

1. data quality is maintained;

2. verification and validation techniques are employed to ensure that data is received without corruption and that corruption does not occur at any stage of the data process;

3. the metadata is collected and preserved.

4. the transfer of data is subject to a suitable authentication process such that recipients are able to confirm that the data or information has been transmitted by an authorised source.

5. error reporting, error measurement and corrective action mechanisms are established and maintained.

B. In order to protect the data, providers of common information services and U-space service providers shall:

1. implement security policies, including data encryption and protection of critical data;

2. protect the open secure interoperable communication protocols from intentional unauthorised electronic interactions that may result in an unacceptable breakdown in communications;

3. identify, assess, and mitigate, as necessary, the security risks and vulnerabilities;

4. adhere to security standards and regulations regarding where data can be stored and ensure that third-party providers agree to follow security practices;

5. describe a policy for employee awareness and training and tools to reduce insider risks, and protection of data – including intellectual property. In doing so, they shall monitor the user and network activity to provide insight into ecosystem vulnerabilities and threats.

6. deploy solutions that augment threat detection and intelligence capabilities and ensure the use of technology safeguards.