New EU rules on personal data breach notification for telecoms and ISPs came into force recently (on 25 August 2013). European Commission Regulation (EU) 611/2013 of 24 June 2013 on the measures applicable to the notification or personal data breaches under the ePrivacy Directive (2002/58/EC) aims to ensure that telecoms operators, internet service providers and other public electronic communications service providers notify personal data security breaches consistently across the EU.
The revised ePrivacy Directive (2009/136/EC) requires telcos and ISPs to keep personal data secure and confidential and to notify relevant national data protection authorities of any breach where the affected individuals’ personal data or privacy are likely to be adversely impacted, in particular where the data is stolen, lost or accessed by unauthorised persons. The Notification Regulation requires service providers to notify the relevant national DPAs within 24 hours of detection of the breach. In addition, affected individuals must be notified without undue delay and provided with detailed information about the data breach.
SOURCE: mondaq.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…