Recital 88
EU GDPR

(88) In setting detailed rules concerning the format and procedures applicable to the notification of personal data breaches, due consideration should be given to the circumstances of that breach, including whether or not personal data had been protected by appropriate technical protection measures, effectively limiting the likelihood of identity fraud or other forms of misuse.

Moreover, such rules and procedures should take into account the legitimate interests of law-enforcement authorities where early disclosure could unnecessarily hamper the investigation of the circumstances of a personal data breach.

The DPO Centre is a leading provider of Outsourced Data Protection Officer, EU Representation and Consultancy services. If your organisation needs advice about any aspect of Data Protection or Privacy, then please

 

Contact Us