EDPS guidelines on personal data breach notification for the European Union Institutions and Bodies.
Regulation (EU) 2018/1725 lays down the data protection obligations for the EU institutions and bodies when they process personal data and develop new policies.
The Regulation repeals Regulation (EC) 45/2001, and, in line with GDPR, adopts a principle-based approach.
The new legal instrument ensures that EU institutions and bodies provide transparent and easily accessible information on how personal data is used, as well as foresee clear mechanisms for individuals to exercise their rights; it also reconfirms, clarifies and enhances the role of data protection officers within each EU institution and of the EDPS.
User guide for compiling the web form on personal data breach notification.
Inspections are one of the tools used by the EDPS to ensure that the EU institutions and bodies comply with the rules set out in Regulation (EU) 2018/1725. EDPS Factsheet 5 provides information on what to expect if the EDPS carries out an inspection at your institution.