The objective of this regulation is to allow the free flow of personal data between member states of the European Union by harmonizing the level of adequate protection. Organizations must implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.