Keep me plugged in with the best
Join thousands of your peers and receive our weekly newsletter with the latest news, industry events, customer insights, and market intelligence.
I agree to the
terms of service
PLEASE CORRECT THE FOLLOWING:
Please Enter Some Keywords
When should an organization report a data breach?
From May 25, 2018, compliance with the EU General Data Protection Regulation(GDPR) will be mandatory for organizations that process EU residents’ personal information. The Regulation joins a number of US federal and state laws that hold organizations accountable for mitigating and managing information security risk. No matter what its size or cybersecurity posture, your organization is vulnerable to cyber crime and data breaches. Under federal, state, and international laws, once organizations become aware of a breach they have a certain amount of time to report it to the relevant supervisory authority. Sitting on an incident without reporting it puts organizations at risk of legal and other ramifications. The NYDFS cybersecurity regulation, which came into effect in August 2017 and requires covered entities to submit certification documentation by February 15, set a 72-hour rule for reporting information breaches. Under the GDPR, any business worldwide that has EU residents’ personal information compromised is required to notify supervisory authorities within 72 hours of uncovering the breach. As of yet, there is no requirement under the GDPR specifying when affected EU residents must be notified. The UK’s Information Commissioner’s Office (ICO) warns, “In light of the tight timescales for reporting a breach, it is important to have robust breach detection, investigation and internal reporting procedures in place.”
I'm for real
Enter your email once to access all our information and resources.
(Your email address is required so we know you're a real person)
By downloading this content, you give permission for your contact information to be shared with the content provider who may contact you in regards to the content.