The UK Information Commissioner’s Office (ICO) has released a new 13-page guide to public electronic communication service providers to help explain when such companies are obligated to report personal data breaches, Out-Law.com reports. Telecoms would be required to submit monthly reports to the ICO laying out all the security breaches sustained. This ICO did say such reports could be disclosed under Freedom of Information Act requirements. "Strictly speaking, PECR (Privacy and Electronic Communications Regulations) does not require this monthly return," the ICO said. "However, we believe that this remains a useful exercise as it will demonstrate that service providers are monitoring their security properly and taking their responsibilities seriously. If we do not receive a monthly return from a service provider, this may trigger further investigation."
If you want to comment on this post, you need to login.