One of the most hotly talked about requirements of the EU GDPR is the need to notify the authority within 72 hours of when a data breach is detected (in the UK this is the ICO – www.ico.org.uk). This requirement for data breach notifications is not unique to the EU: GDPR is supra-national, so it applies to all organisations that process the data of EU citizens. Additionally, other countries have, or are planning, similar mandatory rules. The UK will have to implement equivalent rules after Brexit in order to continue to exchange information with the EU, but countries like Australia have also set out their own mandatory data breach notification requirements, which are similar to the EU's.
The new GDPR data breach notification requirement will, from May 2018, impose a need for businesses to advise the data protection authority (in the UK this is the ICO) when they have a notifiable privacy breach.
The looming EU GDPR requirements around privacy, data breach notification and data protection (along with the equivalent UK legislation that will inevitably mirror EU regulations after Brexit), are causing bow waves through IT delivery, cloud hosting, security, compliance and privacy across organisations of all types and sizes. How bad will a data breach notification actually be?
There is an entire industry springing up around the EU General Data Protection Regulation and the requirement for data breach notifications. It is really not necessary to search hard to find a law firm, consultancy, product vendor or service provider who can help you solve the many-faceted problems that the GDPR presents or assist you in formulating your data breach notification process – there is also no shortage of marketing teams only too willing to explain how they can help and what their solutions offer.
The reality is that, as a compliance requirement, there are two sides to the changes that are necessary under GDPR – things you want to do and things you have to do.