As the EU is about to enact a General Data Protection Regulation that will introduce a general obligation to notify personal data breaches for all companies doing business in Europe or directing their business towards EU-based customers, we outline 8 of the most important aspects of implementing this new obligation.
Filed under Andreas Leupold, Comments, English, EU Law, Europe, European Union, Outlines · Tagged with adverse effect, breach notification process, Chief Information Officer, Chief Privacy Officer, Chief Security Officer, CIO, CPO, CSO, data breaches, data controllers, data processors, data protection authorities, data protection officer, data security breaches, EU Directive 2002/58/EC, EU Directive 2009/136/EC, European Data Protection Board, GDPR, General Data Protection Regulation, incident discovery and reporting system, intelligence agencies, national supervisory authorities, obligation to report, personal data breach, technological protection measures, without undue delay
The Home Depot Data Breach
Posted by "Security Breaches" Administrator on September 23, 2014
With up to 60 million customers affected, the recent security breach at North America’s largest hardware store, The Home Depot, once again proves that even some of the largest retailers have not implemented business processes that ensure the timely detection and communication, if not prevention, of such incidents. This post sheds light on their dire consequences for consumers and on what lawmakers in the U.S. and the E.U. intend to do about it.
Filed under Andreas Leupold, Comments, English, Europe, European Union, North America, United States · Tagged with compensatory and punitive damages, credit card monitoring services, data breach notification, data breaches, Data Security and Breach Notification Act (United States), data security breaches, European Data Protection Board, European Data Protection Regulation, Federal Trade Commission, fingerprint authentication, FTC, GDPR, incident discovery and reporting, National Institute of Standards and Technology, New Hampshire, NIST, security breaches, technical and organizational measures, technological protection measures, The Home Depot