Ransomwares and other kind of malwares are waiting the first weakness of your IT systems to attack. Nearly every week, a new data breach is mentioned in the press, tarnishing the affected company’s reputation. Disclosure of personal data breaches to the Luxembourg data protection authority is currently only mandatory for certain specific controllers but will be generalised from the entry into application of the GDPR on 25 May 2018. The Article 29 Working Party (WP 29) has published draft guidelines (open for comments until 28 November 2017) in order to clarify the scope of this new obligation.
Notification to the supervisory authority
The GDPR defines a personal data breach as a breach of security leading to the accidental or unlawful destruction,...
|