The UK's Information Commissioner's Office recently warned companies that they could face tougher sanctions if they don't report data security breaches to the ICO. Although notification is not strictly required by the ICO, a recent statement by the ICO suggests that the agency may be seeking to establish a de facto notification requirement for serious data breaches. This warning is yet another sign that more countries, particularly in Europe, are moving toward expressly requiring notification of government agencies and/or affected individuals in the event of a data breach.
© Copyright 2010 Steptoe & Johnson LLP
No comments:
Post a Comment