This article originally appeared in Law360 on February 6, 2019.
Law360 (February 6, 2019, 10:46 PM EST) — European regulators have fielded more than 59,000 data breach notifications from public and private organizations since the sweeping General Data Protection Regulation took effect in May, according to a new survey by DLA Piper, fueling questions about how authorities will handle the influx of disclosures.
The European Union‘s breach reporting regime underwent a drastic transformation on May 25, when the GDPR officially came into force. Besides tightening restrictions on the use and flow of personal data, the new regulation for the first time made breach notification a blocwide mandate, requiring companies to tell national data protection authorities about breaches that are likely to result in a risk of harm to affected individuals within 72 hours of discovery and to notify impacted individuals of “high risk” incidents “without undue delay.”
To continue reading, go to Law360.com.
