GDPR: Data Breach Notification 101

Data Breach Today

Brian Honan of BH Consulting on When to Notify - or Not Since the EU's new GDPR privacy law came into effect in May 2018, one challenge for organizations that suffer a breach is knowing whether or not they must report it to authorities, says Brian Honan, president and CEO of BH Consulting in Dublin

Is GDPR Compliance Tougher Than HIPAA Compliance?

Data Breach Today

Analysts: GDPR Case in Portugal Offers Lessons for U.S. Healthcare Entities An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA.

Under GDPR, UK Data Breach Reports Quadruple

Data Breach Today

After Privacy Law Went Into Full Effect, Data Security Complaints Doubled One year after Europe's tough new GDPR privacy law went into full effect last May, authorities in Britain have seen the number of annual data breach notifications more than quadruple.

Using Strategic Data Governance to Manage GDPR/CCPA Complexity

erwin

for alleged violations of the European Union’s General Data Protection Regulation (GDPR). While not the first , it is the largest penalty levied since the GDPR went into effect in May 2018. Five Steps to GDPR/CCPA Compliance.

GDPR 110

Analysis: The Significance of GDPR Fines

Data Breach Today

The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies

GDPR 201

GDPR: Europe Counts 65,000 Data Breach Notifications So Far

Data Breach Today

Privacy regulators have also imposed at least $63 million in GDPR fines

Why Isn't GDPR Being Enforced?

Schneier on Security

Politico has a long article making the case that the lead GDPR regulator, Ireland, has too cozy a relationship with Silicon Valley tech companies to effectively regulate their privacy practices. cybersecurity gdpr ireland loopholes nationalsecuritypolicy

GDPR 114

List of free GDPR resources and templates

IT Governance

This blog was originally published before the GDPR took effect in May 2018. The EU’s GDPR (General Data Protection Regulation) requires all organisations that process EU residents’ personal data to abide by its strict terms. Conducting a data flow mapping exercise under the GDPR.

GDPR 97

Europe Catches GDPR Breach-Notification Fever

Data Breach Today

Privacy Law is Fast Revealing the True Extent of Data Breaches Across UK and EU Less than four months after GDPR went into enforcement, Europe has arguably entered the modern data breach era.

GDPR 247

Exploiting GDPR to Get Private Information

Schneier on Security

A researcher abused the GDPR to get information on his fiancee: It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR) , which came into force in May 2018. cybersecurity gdpr privacy

GDPR 114

GDPR: Still Plenty of Lessons to Learn

Data Breach Today

GDPR 207

Cisco Studies Global Impact of GDPR

Data Breach Today

Cisco is out with findings from its 2019 Data Privacy Benchmark Study, which shows the impact of GDPR compliance as well as how customers are asking more questions about how their data is secured. Cisco Chief Privacy Officer Michelle Dennedy analyzes the survey

GDPR 212

Facial Recognition Use Triggers GDPR Fine

Data Breach Today

GDPR 223

Marriott Faces $125 Million GDPR Fine Over Mega-Breach

Data Breach Today

Breach Persisted 4 Years - and Through Acquisition - Before Being Discovered Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016.

GDPR 225

Data Breach Reports in Europe Under GDPR Exceed 59,000

Data Breach Today

Netherlands, Germany and UK Have Logged the Most Data Breach Reports Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K.

7 steps to highly effective GDPR compliance

IT Governance

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. If you’re overwhelmed about GDPR compliance or find most implementation advice too technical and complex, don’t worry.

GDPR 91

Bestselling GDPR solutions

IT Governance

For many, 2018 will go down as the year of the GDPR (General Data Protection Regulation). The GDPR is not any less relevant in 2019. That means any slack your organisation was given in the first few months of the GDPR will be tightened. EU GDPR GDPR

GDPR 71

Marriott Mega-Breach: Will GDPR Apply?

Data Breach Today

With GDPR in full effect since May, organizations with data security practices face the potential of massive fines Legal Experts Suspect So, But Investigation Could Take a Year or More Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Protection Regulation?

GDPR 198

Cyber resilience and the GDPR

IT Governance

Cyber resilience is referred to broadly throughout the GDPR (General Data Protection Regulation) , meaning its framework will help you achieve compliance, protect your customers and prevent disciplinary action. What the GDPR says. Cyber Resilience GDPR

GDPR 107

15 GDPR Probes in Ireland Target Facebook, Twitter, Others

Data Breach Today

Ten of the 15 major investigations that the Data Protection Commission launched since the EU's tough new privacy law, GDPR, went into full effect in May 2018 are focused on Facebook

GDPR 235

Kickstart your GDPR program

OpenText Information Management

The role of Data Discovery in General Data Protection Regulation (GDPR) compliance is the essential first step to building a successful GDPR program, but it’s one that many companies are struggling to take.

GDPR 77

GDPR: 8,000 Data Breach Reports Filed So Far in UK

Data Breach Today

Privacy Watchdog Counts 41 Daily Breach Reports Since GDPR Enforcement Began The U.K.'s

3 GDPR compliance tips for small businesses

IT Governance

This week marks one year since the GDPR (General Data Protection Regulation) took effect, and although we’ve seen organisations take huge strides in their commitment to information security, many are still struggling to implement the necessary measures. Teach your staff about the GDPR.

GDPR 91

The Reasons Behind Google's GDPR Fine

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware

GDPR 151

The GDPR for the Little Guy (or Gal)

Weissman's World

What is the GDPR? The GDPR is the European Union’s General Data Protection Regulation, and as the EU’s new take on privacy protection, it took effect a month ago to much fanfare. The post The GDPR for the Little Guy (or Gal) appeared first on Holly Group. GDPR infogov

GDPR 190

Ten steps to a GDPR gap analysis

IT Governance

Most GDPR (General Data Protection Regulation) compliance projects start with a gap analysis. Can I use a free GDPR gap analysis tool? More concerningly, these free tools can prove troublesome for users who have limited knowledge of their compliance obligations under the GDPR.

GDPR 86

Take Two: Why Organizations Are Reviewing GDPR Efforts

Data Breach Today

Now, however, numerous organizations are revisiting and refining their GDPR compliance efforts around preparation and remediation, says PwC's Polly Ralph

GDPR 130

The GDPR: A year in review

IT Governance

A year ago this week, the GDPR (General Data Protection Regulation) took effect, promising to revolutionise information security. According to some of our experts, like Senior Consultancy Manager Nicky Whiting, many organisations have become complacent about their GDPR compliance requirements.

GDPR 80

GDPR: How the definition of personal data has changed

IT Governance

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. DPO as a service (GDPR).

GDPR Compliance — The Fines Have Begun!

InfoGoTo

GDPR compliance has been a major talking point among information governance professionals for quite some time. GDPR’s First Fines Are Nothing to Sneeze At. While this was the first such fine for GDPR compliance failures in France, it is not unusual.

The GDPR: Requirements for encryption

IT Governance

Six months since the GDPR (General Data Protection Regulation) came into force, pseudonymisation and data encryption remain the only technology measures specifically mentioned in the famously technology-agnostic Regulation. BreachReady EU GDPR GDPR ISO 27001

Facebook Submits GDPR Breach Notification to Irish Watchdog

Data Breach Today

Report Into 50 Million Breached Accounts Is Incomplete, Privacy Watchdog Warns To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed.

GDPR 232

ITALY: First GDPR fine issued!

DLA Piper Privacy Matters

The first GDPR fine was issued in Italy by the Garante for the lack of implementation of privacy security measures following a data breach on the so-called Rousseau platform operating the websites of the Movimento 5 Stelle party. The first GDPR fine issued in Italy. Uncategorized GDPR Italy Privacy

GDPR 81

How the ICO measures GDPR compliance

IT Governance

Whenever someone mentions the GDPR (General Data Protection Regulation) , one of the first things they discuss is the potential for huge fines that it brings. This includes the GDPR, the Freedom of Information Act and the PECR (Privacy and Electronic Communications Regulations).

GDPR 91

Life Under GDPR: Data Breach Cost Unknown

Data Breach Today

GDPR has been in effect since May 2018, but organizations are still waiting to see what impact it will have on the costs organizations might face from breach cleanup, investigations, sanctions and class action lawsuits, says Ian Thornton-Trump of the financial services firm AMTrust International

British Airways Faces Record-Setting $230 Million GDPR Fine

Data Breach Today

GDPR 254

GDPR: Is Australia Ready?

Data Breach Today

With Europe's GDPR enforcement set to take effect on May 25, Australian organizations vary in readiness. Steve Ingram of PwC says it's not too late for companies to prepare for GDPR, but it will be too late to ask regulators for forgiveness if something goes wrong

GDPR 100

List of mandatory documents required by the GDPR

IT Governance

The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the GDPR.

GDPR 82

GDPR Data Subject Access Requests: How to Respond

IT Governance

The EU GDPR (General Data Protection Regulation) grants data subjects the right to access their personal data. Subject access requests are not new, but the GDPR introduced several changes that make responding to them more challenging.

A guide to the GDPR’s EU representative requirements

IT Governance

You might have heard increased chatter recently about the need for an EU representative under the GDPR (General Data Protection Regulation). This requirement wasn’t widely discussed in the UK when the GDPR took effect, because it didn’t apply.

GDPR 107