Dutch data protection authority publishes Policy Rules on breach notification duty
As of 1 January 2016 companies, public bodies and other organisations that process personal data have an obligation to immediately report personal data breaches to the Dutch Data Protection Authority (College Bescherming Persoonsgegevens ("CBP")). Yesterday, the CBP published its Policy Rules on the duty to notify personal data breaches ("Policy Rules"). The Policy Rules are intended to support businesses in complying with the notification duty and also serve as the CBP's point of departure when applying enforcement measures. Read more.
Location