Companies Are Over Reporting Data Breaches Post GDPR

By ISBuzz Team
Writer, Information Security Buzz | Sep 18, 2018 12:42 pm PST

The Information Commissioner’s Office revealed it has been receiving 500 reports by telephone per week since GDPR came into force, a third of which are considered to be unnecessary or fail to meet the threshold for a data incident. ICO deputy commissioner James Dipple-Johnstone revealed that misconceptions are still commonplace among organisations more than three months after GDPR came into force, leading to a large number of needless calls to the regulator.

Andy Norton, Director of Threat Intelligence at Lastline:

“In the first 32 days of GDPR coming into existence, there were 4009 complaints lodged across the various European Data Protection Offices. Unfortunately, many of the stipulations in GDPR are open to subjective interpretation currently. For example, how does someone accurately assess the likelihood of harm coming to an affected data subject following a leak or theft of data? So, we are witnessing organisations being abundantly cautious and notifying the data regulators at any breach which has the potential for harm, in an attempt to avoid heavy fines.”
