The Irish Data Protection Commission released guidance to help data controllers better understand the data breach notification requirements found within the EU General Data Protection Regulation. The guide covers notifications controllers need to send to both the data subjects affected by a breach and to the agency itself. The agency offers a definition of what constitutes a breach and when a controller has to notify the agency. The document also contains a link to the DPC’s breach notification page.
If you want to comment on this post, you need to login.