The Irish Data Protection Commission has released guidance on data breach notification requirements under the EU General Data Protection Regulation. The guide offers an overview of the breach notification rules found within the GDPR, as well as explanations and case studies on assessing risk, inadequate reporting, late or no notifications, social engineering and data accuracy. The DPC constructed the guide by analyzing statistics and trends it saw since the GDPR went into effect May 2018. “The guidance below has been designed to help controllers better understand their obligations with regards to notification and communication requirements — covering notification to the DPC, and also communication to data subjects, where applicable,” the guide states.
If you want to comment on this post, you need to login.