Under the EU General Data Protection Regulation (GDPR), all websites that process personal data must have a link to a data privacy notice that explains what personal data is collected and processed and for what purposes.
Interested in this hot topic?
Join us at our Privacy Breakfast on 5 December 2018
"How to deal with a data breach"
Almost daily there are media reports of data loss, theft or unauthorised access. According to the Gemalto Breach Level Index, there are more than 7 million data breaches worldwide every day. Only 4% of compromised data is encrypted.
Data breaches can be a breach of contract and lead to claims for damages. They can also trigger reporting obligations to the authorities and possibly obligations to inform the affected individuals, with the possibility of substantial sanctions if a report is not filed. The EU General Data Protection Regulation (GDPR) contains such reporting and information obligations.
According to the GDPR, companies are generally obliged to report personal data breaches to the competent authority within 72 hours of becoming aware of a breach. Depending on the type of incident, the individuals concerned may have to be informed as soon as possible.
Internal processes for detecting, investigating and reporting violations are indispensable in order for a company to meet these requirements.
Over a light breakfast, we would like to discuss best practices for such processes and how to proceed based on a short case study.
This privacy breakfast is intended for people that are interested in data protection, in particular internal data protection officers, legal counsels or compliance officers. Registrations from practicing peers from other law firms will not be considered.
Interested? Register by 28 November 2018 by clicking here.
Need more information?
Read also the following blogposts:
Photocredit: unsplash / Arvin Febry