Protect and properly secure health data so that its confidentiality, integrity, availability and non-repudiation are ensured and take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems and avoid health data breaches.