The Security Detail

Feb 27 2011   11:18AM GMT

Prepare for Impending EU Data Breach Notification Mandate

Tony Bradley

As of May 25, 2011, new data breach notification rules will be enforced across the European Union. Despite increased awareness and efforts to implement technology to protect data, breaches seem to occur at an alarming rate. Users–those who trusted their personal information and sensitive data to a third-party organization–deserve to know when that information has been exposed or compromised in any way.

A recent discussion in the Zecurion Group (you may have to at least be a member of LinkedIn, if not a member of the Zecurion Group, to read this; joining is free) highlights the upcoming EU mandate and provides an extensive, detailed look at the elements of the data breach notification rules and how to implement effective compliance.

The report shared in the Zecurion Group ends with this summary:

At any rate, ENISA already provides us with useful examples of practices in Europe, helping the stakeholders in their study of the question:

  • The risks should be clearly identified.
  • Breaches should be evaluated and prioritised before notifying it to data protection authorities and data subjects.
  • The means of notifications should be specifically decided by the operators and used without undue delay.
  • Regulatory authorities should strengthen compliance.
  • Private operators and data protection authorities should usefully cooperate to enforce the security through this new procedure.
