# O4.3 Ensure secure and auditable data handling

{% tabs %}
{% tab title="Principle" %}
[O4: Assure data security by design](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/principles/operational-principles/o4-assure-data-security-by-design)
{% endtab %}

{% tab title="Risk" %}
[RS2 Digital insecurity](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks/risks-to-safety), [RS1 Privacy vulnerability](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks/risks-to-safety), [SV4 Technical shortcomings](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks/risks-to-structural-vulnerabilities)
{% endtab %}

{% tab title="Life Cycle Stage" %}
L2: Strategy & Design
{% endtab %}
{% endtabs %}

## Practices

> * Adopt a federated and decentralized architecture to enhance privacy and resilience by distributing data and control.
> * Utilize tokenization and data masking, implement granular electronic consent frameworks, enforce end-to-end encryption, and employ digital signatures and verifiable credentials to ensure robust, auditable, and trustworthy data management and transactions.

## Resources

<table data-view="cards"><thead><tr><th></th><th></th><th></th></tr></thead><tbody><tr><td><strong>References</strong></td><td></td><td>CDPI (N/d). DPI Tech Architecture Principles. Centre for Digital Public Infrastructure. https://docs.cdpi.dev/the-dpi-wikipedia/dpi-tech-architecture-principles</td></tr></tbody></table>