Now that GDPR is here, what do US companies do if they have a breach?


With a record number of data breaches last year and a steady stream of new revelations about the misuse of data, you may think you’ve heard everything there is to know about data breaches.

You’d be wrong.

Now, with the General Data Protection Regulation (GDPR) fully implemented, there’s yet another way for companies to be in breach of data privacy laws. GDPR is a sweeping set of rules governing the handling of European Union members’ personal data, no matter where it is. It came into full force in May, and breaches carry huge fines — up to 4 percent of a company’s annual global turnover or €20 million (whichever is greater).

What is a breach under GDPR?

GDPR defines it as a “breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data.” Under GDPR, entities have only 72 hours to notify a supervisory authority, which is also known as a data protection authority (DPA). Data controllers are required to report breaches to the authority, while processors must report them to their controllers.

[Read the full article on MarTech Today.]


About The Author

Robin Kurzer started her career as a daily newspaper reporter in Milford, Connecticut. She then made her mark on the advertising and marketing world in Chicago at agencies such as Tribal DDB and Razorfish, creating award-winning work for many major brands. For the past seven years, she’s worked as a freelance writer and communications professional across a variety of business sectors.




