Wednesday, 2 November 2016

Data Breach Management and the New EU Data Protection Regulation

I read this article in "bulletin" number 191 from the Information and Records Management Society but then could not find any link.
Now I've managed to find something which if not identical (I cannot get back to the British Library to check) is sufficiently similar to be useful.


From Information Today Europe

In his second article about the new EU Data Protection Regulation, Ibrahim Hasan explains why all organisations should be examining their approach to data breaches now.

Last year telecoms company Talk Talk was the subject of a cyberattack in which almost 157,000 customers' personal details were hacked. The company was criticised for its slow response especially the time it took to inform the Information Commissioner’s Office (ICO) and customers. Currently in the UK there is no legal obligation, under the Data Protection Act 1998 (DPA) to report personal data breaches to anyone. However the ICO guidance recommends that serious breaches should be brought to its attention. This is going to change soon.

Continue reading

And whether or not Brexit finally happens we have at least two years of operating under the new EU Data Protection Regulation.


No comments: