Data breach notifications
When a personal #databreach occurs, the controller must notify the event to the competent DPA immediately, unless it is unlikely to result in a risk to the rights and freedoms of DS (art. 33(1) GDPR)
Failure to notify the breach to the DPA when it is mandated by law makes controllers liable to a €10M or 2% annual turnover fine (art. 83(4)(a) #GDPR)
For more details on the conditions, timing, and requirements of the notification obligation, take a look at this chart
0 comentarios