Speaking at a cybersecurity conference, U.K. Deputy Information Commissioner James Dipple-Johnstone discussed the issues with over-reporting data breaches since the EU General Data Protection Regulation went into effect, Out-Law.com reports. Since May 25, Dipple-Johnstone said the U.K. Information Commissioner’s Office would receive about 500 calls a week to its data breach reporting phone line, with the ICO finding one-third of the incidents were not reportable under the data breach notification threshold laid out in the GDPR. Dipple-Johnstone said data controllers may be over-reporting in order to be transparent and to manage any perceived risks. Meanwhile, CSO reports on the need for a data-breach risk-ratings system.
If you want to comment on this post, you need to login.