In anticipation of the GDPR, various guidance has been published by the Article 29 Working Party, the body of national EU data regulators. Of most relevance in the cyber context is the guidance on personal data breach notifications; the Article… Read more

With increased outsourcing to the cloud or other third party external service providers and an increasingly complex supply chain for businesses, modern strategies for leveraging data can bring significant business efficiencies, competitive edge and growth opportunities, but also a range… Read more

The GDPR introduces a new mandatory requirement for all controllers to notify the appropriate data protection authority of a “personal data breach” likely to result in a risk to people’s rights and freedoms, for example following a cyber-attack. This will… Read more

In the run up to the GDPR applying from next year, there has been a variety of practical guidance for compliance at the European level through the Article 29 Working Party (“WP29”) (which reflects the consolidated view of national supervisory… Read more