A European Union privacy body have recently published guidance, which suggests that businesses should consider the “likely secondary affects” of a data breach, when determining whether to notify an individual.
Since new European Union laws were introduced last summer, providers of publically available electronic communication services within the European Union, have been required to inform national regulators within 24 hours of a data breach occurring, of the breach.
Under the laws, the providers are required to advise the regulators of the nature and content of the personal data concerned; how many people are affected, and the rough time the breach occurred.
In addition, under the laws, telecom businesses are also required to inform individuals affected, where the breach is likely to cause adverse affects to privacy and / or personal data.
However, under the latest guidance issued by the European Union privacy body, it would be “good practice” for all businesses to follow the guidelines, when individuals are likely to be affected following a data breach.
Whilst the latest recommendations has outlined guidance for businesses to follow in relation to informing individuals of a data breach; for those individuals who feel their data protection has been compromised, our human rights solicitors in London may be able to assist.
Our solicitors are experienced in handling a range of human rights cases, and to find out if we can assist you, contact our team today.