The top 8 issues all CIOs, CSOs and CPOs should know about how to notify data breaches in Europe

As the EU is about to enact a General Data Protection Regulation that will introduce a general obligation to notify personal data breaches for all companies doing business in Europe or directing their business towards EU-based customers, we provide the reader with 8 of the most important aspects related to the implementation of this new obligation.

New Brazilian Data Protection Bill Adopts Data Breach Notification Regime

"Metrô-Linha Vermelha" (Photo by "mlsirac"; shot on Sept. 11, 2010 in Sao Paulo, Brazil). Available at http://www.flickr.com/photos/mlsirac/4988830112/ (Creative Commons "Attribution-NonCommercial-NoDerivs 2.0 Generic (CC BY-NC-ND 2.0)" license.)

The new Brazilian Data Protection bill currently in discussion provides a whole new approach to data protection for the country. It also follows the current trend of several countries, the European Union included, by adopting a data breach notification regime. The text would make companies liable without the need to prove omission or negligence. Currently they are only liable to the extent of damages resulting from the misuse of information leaked or stolen due to a data security breach.

ENISA Surveys Stakeholders of Upcoming EU Data Breach Notification Regime

"Grillage gelé" (Photo by "Photophilius"; shot on Dec. 13, 2008). Available at http://www.flickr.com/photos/30254220@N04/3116313871/ (Creative Commons "Attribution-NonCommercial-ShareAlike 2.0 Generic (CC BY-NC-SA 2.0)" license.)

The European Network and Information Security Agency has recently published a report on data breach notifications in the European Union. ENISA surveyed data protection authorities, telecommunications regulatory authorities and telecom operators from different countries in the EU, but also from other non-EU countries such as the United States.
Using the various stakeholders’ responses, the report helps readers understand the practices and challenges of the future mandatory data breach notification regime, and aims to assist public authorities and private organizations in the EU as they implement data breach notification policies by providing a set of recommendations.
(Summary also available in French)

  • Copyright notice

    © Copyright 2010-2014 "Information Security Breaches & The Law".
    All rights reserved, unless noted otherwise under each author's post, page or other material.
    If you would like to discuss licensing terms, contact us at: info [at] security-breaches [dot] com.
