The European Data Protection Board published updated guidelines on personal data breach notification under the EU General Data Protection Regulation. The guidelines, adopted 28 March following public consultation, clarify notification requirements for personal data breaches at non-EU establishments. The guidelines state each supervisory authority for member states where affected data subjects reside need to be notified of a breach.
6 April 2023
EDPB updates guidelines on personal data breach notification
Related stories
Notes from the IAPP Canada: Are good intentions enough to stay on top of potential data breaches?
A view from DC: Can consumer protection enforcement unduly burden AI innovation?
CPPA Board finalizes long-awaited ADMT, cyber audit, risk assessment rules
A view from Brussels: Will the Data Union Strategy finally lead to the European data single market?
Notes from the Asia-Pacific region: OPC releases inquiry report on FRT trial
