Nick O’Connell of Al Tamimi & Company lays out the data breach notification requirements for entities doing business in Dubai. Although databreach notification to consumers is not required, it may be appropriate and could influence any penalties the entity might face for the breach. Read more about the expectations and requirements on Lexology.
Category: Non-U.S.
Ca: 900 patients affected by Saskatchewan’s Heartland Health Region privacy breach
The Star Phoenix reports: An employee has been terminated and roughly 900 patients are being notified following a privacy breach in Saskatchewan’s Heartland Health Region. According to a news release issued Thursday, a “detailed inquiry” was launched after the breach was reported in July. It found one employee inappropriately accessed personal health information of patients…
South Korea: KCC introduces ‘strong incentive’ for breach reporting
Oh, this is an intriguing approach. Alice Marini reports: The Korean Communications Commission (KCC) announced, on 21 August 2015, the implementation of a new penalty scheme, which allows companies, that have voluntarily reported a data breach to the KCC, to receive a reduction on the total administrative fine prescribed of up to the 30% (‘the…
SG: Call to mandate reporting of data breaches
Irene Tham reports: Countries that legally require companies and organisations to report data breaches to the authorities are doing the right thing and the rest of the world should do the same, reporters were told yesterday. Singapore has yet to follow the lead of mature jurisdictions such as the United States and Canada that make…
Should Ashley Madison worry about U.S. class actions?: Frankel
Alison Frankel writes: The adultery-encouraging website Ashley Madison is now facing at least five U.S. class actions by users who claim the site failed to protect their confidential information from hackers who have since dumped their names, addresses and sexual predilections onto the Internet. The good news for people burned in the Ashley Madison attack:…
Aviva ‘revenge’ phone hacker jailed for 18 months
BBC reports: A man has been jailed for 18 months for hacking into 900 phones belonging to the insurance company Aviva. Richard Neale, 40, pleaded guilty to carrying out the attack as revenge after falling out with colleagues. He was previously a director at Esselar, a company contracted by Aviva to run its security network….