Data breach notifications play a large role in the General Data Protection Regulation. Data controllers must notify the Information Commissioner’s Office of a personal data breach within 72 hours of learning of the breach and must provide specific details of the breach such as the nature of it and the approximate number of data subjects affected. Data controllers must notify data subjects as quickly as possible of breaches when the breaches place their rights and freedoms at high risk. The penalties for GDPR non-compliance can be up to 4% of the violating company’s global annual revenue. Your business must be compliant by May 25th, 2018.
Give us a call – we can help.