OUT-LAW.COM reports on Ireland's draft code of practice published recently by Data Protection Commissioner Billy Hawkes. The code would require Irish organizations to report data breaches involving the personal information of more than 100 people. Organizations can avoid reporting an incident, however, if the data is encrypted and password protected. In cases involving fewer than 100 people, breaches still must be reported if the information involves sensitive personal data or financial information. The code follows a government-appointed review group's recommendation that guidelines be established regarding when organizations must report data breach incidents.
If you want to comment on this post, you need to login.