GDPR: Data Breach Notification 101

Data Breach Today

Brian Honan of BH Consulting on When to Notify - or Not

Since the EU's new GDPR privacy law came into effect in May 2018, one challenge for organizations that suffer a breach is knowing whether or not they must report it to authorities, says Brian Honan, president and CEO of BH Consulting in Dublin

Transitioning GDPR preparations into successful operations

Information Management Resources

GDPR has now been in force for over a year, so would it be correct to assume that all organizations have taken the necessary steps to ensure compliance?

Is GDPR Compliance Tougher Than HIPAA Compliance?

Data Breach Today

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities

An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA.

Under GDPR, UK Data Breach Reports Quadruple

Data Breach Today

After Privacy Law Went Into Full Effect, Data Security Complaints Doubled

One year after Europe's tough new GDPR privacy law went into full effect last May, authorities in Britain have seen the number of annual data breach notifications more than quadruple.

Exploiting GDPR to Get Private Information

Schneier on Security

A researcher abused the GDPR to get information on his fiancee: It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR), which came into force in May 2018.

Analysis: The Significance of GDPR Fines

Data Breach Today

The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies

Examining the limits and costs of GDPR regulation

Information Management Resources

Some survey data suggests that increasingly firms are eschewing AI-based innovation due to the increased risks that GDPR brings.

GDPR: Europe Counts 65,000 Data Breach Notifications So Far

Data Breach Today

Privacy regulators have also imposed at least $63 million in GDPR fines

Marriott Faces $125 Million GDPR Fine Over Mega-Breach

Data Breach Today

Breach Persisted 4 Years - and Through Acquisition - Before Being Discovered

Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016.

GDPR: Still Plenty of Lessons to Learn

Data Breach Today

Auditing your GDPR practices

IT Governance

Follow our advice to make sure your organisation is GDPR-compliant and avoids disciplinary action. After a relatively quiet few months, the EU GDPR (General Data Protection Regulation) is back in the news.


Why Isn't GDPR Being Enforced?

Schneier on Security

Politico has a long article making the case that the lead GDPR regulator, Ireland, has too cozy a relationship with Silicon Valley tech companies to effectively regulate their privacy practices.

Europe Catches GDPR Breach-Notification Fever

Data Breach Today

Privacy Law is Fast Revealing the True Extent of Data Breaches Across UK and EU

Less than four months after GDPR went into enforcement, Europe has arguably entered the modern data breach era.

Cisco Studies Global Impact of GDPR

Data Breach Today

Cisco is out with findings from its 2019 Data Privacy Benchmark Study, which shows the impact of GDPR compliance as well as how customers are asking more questions about how their data is secured. Cisco Chief Privacy Officer Michelle Dennedy analyzes the survey

List of free GDPR resources and templates

IT Governance

This blog was originally published before the GDPR took effect in May 2018. The EU’s GDPR (General Data Protection Regulation) requires all organisations that process EU residents’ personal data to abide by its strict terms. Conducting a data flow mapping exercise under the GDPR.


Data Breach Reports in Europe Under GDPR Exceed 59,000

Data Breach Today

Netherlands, Germany and UK Have Logged the Most Data Breach Reports

Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K.

GDPR Data Subject Access Requests: How to Respond

IT Governance

The EU GDPR (General Data Protection Regulation) grants data subjects the right to access their personal data. Subject access requests are not new, but the GDPR introduced several changes that make responding to them more challenging.

Marriott Mega-Breach: Will GDPR Apply?

Data Breach Today

With GDPR in full effect since May, organizations with data security practices face the potential of massive fines

Legal Experts Suspect So, But Investigation Could Take a Year or More

Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Data Protection Regulation?

15 GDPR Probes in Ireland Target Facebook, Twitter, Others

Data Breach Today

Ten of the 15 major investigations that the Data Protection Commission launched since the EU's tough new privacy law, GDPR, went into full effect in May 2018 are focused on Facebook

Infographic: GDPR data subject access request (DSAR) flowchart

IT Governance

DSARs are becoming increasingly common, and failure to respond in accordance with the GDPR’s (General Data Protection Regulation) requirements can lead to significant fines and sanctions.


List of mandatory documents required by the GDPR

IT Governance

The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the GDPR.

The role of blockchain in helping organizations meet GDPR compliance

Information Management Resources

Many have begun to consider whether the technology could be used to improve customer data management processes, as they relate to the upcoming EU mandate.

Cyber resilience and the GDPR

IT Governance

Cyber resilience is referred to broadly throughout the GDPR (General Data Protection Regulation), meaning its framework will help you achieve compliance, protect your customers and prevent disciplinary action. What the GDPR says.

GDPR: 8,000 Data Breach Reports Filed So Far in UK

Data Breach Today

Privacy Watchdog Counts 41 Daily Breach Reports Since GDPR Enforcement Began

The U.K.'s

3 GDPR compliance tips for small businesses

IT Governance

This week marks one year since the GDPR (General Data Protection Regulation) took effect, and although we’ve seen organisations take huge strides in their commitment to information security, many are still struggling to implement the necessary measures. Teach your staff about the GDPR.

The Reasons Behind Google's GDPR Fine

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware

British Airways Faces Record-Setting $230 Million GDPR Fine

Data Breach Today

Kickstart your GDPR program

OpenText Information Management

The role of Data Discovery in General Data Protection Regulation (GDPR) compliance is the essential first step to building a successful GDPR program, but it’s one that many companies are struggling to take.


Bestselling GDPR solutions

IT Governance

For many, 2018 will go down as the year of the GDPR (General Data Protection Regulation). The GDPR is not any less relevant in 2019. That means any slack your organisation was given in the first few months of the GDPR will be tightened.


The GDPR for the Little Guy (or Gal)

Weissman's World

What is the GDPR? The GDPR is the European Union’s General Data Protection Regulation, and as the EU’s new take on privacy protection, it took effect a month ago to much fanfare.

ITALY: First GDPR fine issued!

DLA Piper Privacy Matters

The first GDPR fine was issued in Italy by the Garante for the lack of implementation of privacy security measures following a data breach on the so-called Rousseau platform operating the websites of the Movimento 5 Stelle party. The first GDPR fine issued in Italy.


Ten steps to a GDPR gap analysis

IT Governance

Most GDPR (General Data Protection Regulation) compliance projects start with a gap analysis. Can I use a free GDPR gap analysis tool? More concerningly, these free tools can prove troublesome for users who have limited knowledge of their compliance obligations under the GDPR.

The impact of GDPR on cybersecurity managers

Information Management Resources

Among the many unclear implications of GDPR, the vaguest might be how to ensure compliance with the security requirements, including data protection by design and by default.


Patient Record Snooping Incident Leads to GDPR Fine

Data Breach Today

The GDPR: A year in review

IT Governance

A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. According to some of our experts, like Senior Consultancy Manager Nicky Whiting, many organisations have become complacent about their GDPR compliance requirements.


GDPR: How the definition of personal data has changed

IT Governance

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. DPO as a service (GDPR).

GDPR will be a harsh wake-up call for most U.S. companies

Information Management Resources

Recent studies suggest only one-in-four organizations are well-prepared for the data management mandate, a statistic that could have costly consequences.

Facebook Submits GDPR Breach Notification to Irish Watchdog

Data Breach Today

Report Into 50 Million Breached Accounts Is Incomplete, Privacy Watchdog Warns

To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed.

GDPR Primer

The Schedule

A few weeks ago, Chuck Piotrwoski of PIOT presented a great webinar on the General Data Protection Regulation (GDPR). Chuck broke down GDPR into several basic principles: data about a person belongs to the person.


Life Under GDPR: Data Breach Cost Unknown

Data Breach Today

GDPR has been in effect since May 2018, but organizations are still waiting to see what impact it will have on the costs organizations might face from breach cleanup, investigations, sanctions and class action lawsuits, says Ian Thornton-Trump of the financial services firm AMTrust International