What to do in case of private data breach?

The new General Data Protection Regulation takes effect in a few days. The new legislation provides for heavy fines for infringements, and one of the main concerns of companies is possible private data breaches. Companies are increasingly concerned about the security of their customers' and vendors' private data as security threats have increased in number and efficiency. So what should a company do in case of a private data breach?

What is a personal data breach?

A personal data breach is a violation of information security that causes the destruction, loss or alteration of, or unauthorized access to, personal data transmitted by individuals to a company or organization.

What does the new law say?

The new General Data Protection Regulation makes companies much more responsible for privacy rules than the previous law. From 25 May, companies that suffer a breach of private data are obliged to notify the supervisory authority and the holder of the personal data concerned. Where the data breach is serious, the supervisory authority should be contacted within 72 hours.

When there is a data breach, in addition to the high fines, there is also negative publicity for the company that left the personal data exposed. It is therefore very important for companies to take measures that improve information security and allow them to detect security breaches as quickly as possible, because the longer a violation takes to be detected, the more serious the situation will be for the company.

When a private data breach is detected quickly, companies can more easily take control of the situation and communicate security measures to the affected individuals. These measures can include changing passwords and verifying bank transactions, among others. To make it easier to detect security breaches quickly, companies need to adopt strategies such as:

  • Define and implement a security policy;
  • Use encryption or data masking;
  • Use disaster recovery services;
  • Train employees on the need to protect information;
  • Monitor in real time everything that goes on in the organization, in order to detect security breaches in a timely manner.

Fines

The new GDPR focuses heavily on enforcement and penalties, through the application of high fines for offenders. For minor breaches, fines may reach 10 million euros or 2% of the global turnover of the group in which the company operates, and in the worst cases they may reach 20 million euros or 4% of world turnover.

About the author

Marketing administrator
