Irish organisations which lose the personal data of more than 100 people will have to report the data security breach to the authorities, according to new rules proposed by that country's privacy regulator. The proposal will force the declaration of data losses to Ireland's Data Protection Commissioner in all cases in which more …
I wonder if our regulators in the UK would dare follow this lead from the Irish? Thought not, it'd show up too many breaches by HMG.
So technically speaking a typical phone loss would have to be reported?
why more than 100
If they lose a single person's personal data, they should have to report it!
less than 100
Read the full article, they only get away with not reporting less than 100 when the information lost is trivial.
"Even when an organisation loses the data of fewer than 100 people they must report an incident if that information includes sensitive personal data or financial information which could be used to impersonate them."
- NASA boffin: RIDDLE of odd BULGE FOUND on MOON is SOLVED
- Apple winks at parents: C'mon, get your kid a tweaked Macbook Pro
- SOULLESS machine-intelligence ROBOT cars to hit Blighty in 2015
- BuzzGasm! Thirteen Astonishing True Facts You Never Knew About SCREWS
- China in MONOPOLY PROBE into Microsoft: Do not pass GO, do not collect 200 yuan