Personal data breaches
A personal data breach is a security incident leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. It can lead to physical, material, or non-material damage for individuals, including loss of control over personal data, limitation of rights, discrimination, identity theft or fraud, or financial loss.
Organisations must document and handle data breaches appropriately.
The EDPB provides guidance to help organisations fulfil their responsibilities as data controllers and processors, clarifying which data breaches require notification to the competent data protection authority within 72 hours, and which breaches require communication to the affected individuals.
Guidance
Guidelines 9/2022 on personal data breach notification under GDPR
Guideline
#Personal data breaches
Read more about
Guidelines 9/2022 on personal data breach notification under GDPR
Enforcement
Decision 01/2020 on the dispute arisen on the draft decision of the Irish Supervisory Authority regarding Twitter International Company under Article 65(1)(a) GDPR
EDPB Binding Decisions
#GDPR enforcement
#Fines
#Cooperation between authorities
#Personal data breaches
Read more about
Decision 01/2020 on the dispute arisen on the draft decision of the Irish Supervisory Authority regarding Twitter International Company under Article 65(1)(a) GDPR
Enforcement support
One-Stop-Shop case digest on Security of Processing and Data Breach Notification
Support Pool of Experts
#GDPR enforcement
#Cooperation between authorities
#Cybersecurity
#Personal data breaches
Read more about
One-Stop-Shop case digest on Security of Processing and Data Breach Notification