# O4.7 Implement a framework for safe data storage and processing

{% tabs %}
{% tab title="Principle" %}
[O4: Assure data security by design](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/principles/operational-principles/o4-assure-data-security-by-design)
{% endtab %}

{% tab title="Risk" %}
[RS2 Digital insecurity](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks/risks-to-safety), [RS1 Privacy Vulnerability](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks/risks-to-safety), [SV4 Technical shortcomings](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks/risks-to-structural-vulnerabilities)
{% endtab %}

{% tab title="Life Cycle Stage" %}
L5: Operations & Maintenance
{% endtab %}
{% endtabs %}

## Practices

> Use Role-Based Access Control (RBAC): Set up RBAC to limit data access based on user roles and responsibilities.
>
> Schedule regular penetration tests to identify and fix vulnerabilities in data storage and processing system.

## Resources

<table data-view="cards"><thead><tr><th></th><th></th><th></th></tr></thead><tbody><tr><td>References</td><td>World Bank (2021). Principles on Identification for Sustainable Development: Toward the Digital Age. Washington, D.C. https:// documents1.worldbank.org/curated/en/213581486378184357/pdf/ Principles-on-Identification-for-Sustainable-Development-Toward-the- Digital-Age.pdf</td><td></td></tr></tbody></table>