The French data protection authority (CNIL) has issued two new types of authorizations for use by organisations which use biometric data for personnel security access purposes. Where the data subject (employee) has the possibility of verifying the accuracy of the data then the authorization AU 052 will apply. If it is not possible for such access to be made then an alternative authorization will have to be applied (AU 053). This requires data processors to introduce special safeguards such as the encryption of data when it is transmitted, the deletion of data in the event of unauthorized access, the training of persons authorized to use the equipment and complete traceability in all systems. As a first step, however, the CNIL requires processors/employers to consider whether they can avoid the use of biometric data by, for instance, just issuing name badges or giving entry access codes to employees