The Regulation 1725/2018 introduces a duty on all EU Institutions and bodies to report certain types of personal data breach to the EDPS. They must do this within 72 hours of becoming aware of the breach, where feasible.
If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, they must also inform those individuals without undue delay. All EU institutions and bodies should ensure that they have the procedures that enable them to detect a breach, investigate, take the necessary corrective measures and report. They must keep a record of any personal data breaches, regardless of whether they are required to notify the EDPS.
In newsletter #97, learn about and sign up to our upcoming Supervision Conference. Read up on our latest audit on three of the EU's large IT systems, our Formal Comments on Smart Meters, our latest Supervisory Opinion, and more!
The EDPS Annual Report 2021 provides an overview of the EDPS’ supervisory activities that contribute to shaping Europe’s digital future. In particular, the Annual Report 2021 includes the EDPS’ work on international transfers of personal data; on COVID-19; on the Area of Freedom, Security and Justice; as well as the EDPS' legislative consultations and technology monitoring activities, to name a few examples.
HTML Version: EN
In our last newsletter of 2021, read our TechDispatch on card-based payments; find out more about pseudonymous data; catch up on our latest EDPS-DPO meeting; and more!
In newsletter #87, catch up on the latest EDPB - EDPS Joint Opinion on Artificial Intelligence; find out how you can learn more about data protection with the EDPS' new online training programme; read the EDPS' curated Case Law Digest on international transfers of personal data; and much more!
All EU institutions, offices, bodies and agencies process personal data to recruit staff, pay salaries or negotiate service contracts, for example. If this personal data is lost, stolen or obtained accidently or deliberately, it is a personal data breach. What can you do if a personal data breach occurs? When should the breach be communicated to individuals? This factsheet will help you deepen your knowledge on personal data breaches.