A diplomat from the EU Delegation in a third country must send a confidential report containing personal data of EU citizens to their superior in Brussels. The report is in a format that requires proprietary software for editing, but the recipient only has access to open-source software. Furthermore, the submission must be made through a cloud collaboration platform that has not been specifically assessed for the processing of highly sensitive data under the GDPR. Considering the EU security framework and GDPR principles, what is the most appropriate procedure to guarantee data security and interoperability without compromising privacy protection?