Steven Carroll reports:
Data protection controllers should face sanctions for deliberate or reckless breaches of information protection law, a Government appointed review group has concluded.
The obligations of controllers to report security breaches should be set out in a statutory code of practice, which would outline when disclosure of data breaches is mandatory, and failure to highlight such incidents should lead to prosecution, the report by the Data Protection Review Group states.
Read more in the Irish Times.