Hunton Andrews Kurth writes:
On March 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on examples regarding data breach notification (the “Guidelines”). The Guidelines were adopted on January 14, 2021 for public consultation.
The EDPB’s Guidelines are intended to provide concrete personal data breach use cases and recommendations to help organizations (1) implement relevant technical and organizational measures; (2) understand the risk factors to consider when assessing data breaches; and (3) decide whether notification to the supervisory authority (“SA”) or affected individuals is necessary.
Read more on Privacy & Information Security Law Blog.