Poland's data protection authority published guidance for data controllers on data breach notification compliance. Following the examination of data breach reports, the Office for Personal Data Protection found that not all controllers are properly and transparently reporting breaches. The authority's guidance explains that proper notifications must contain all necessary elements, be written clearly and transparently, and be formatted in a way that allows data subjects to fully understand the contents of the notification. Exceptions to required notifications are also spelled out in the guidance. (Original article is in Polish.)
If you want to comment on this post, you need to login.