S15_300x250_Banner_v1.1
DPI15_300x250_Banner_FINAL

The French data protection authority (CNIL) has published an explanation of the new data breach notification rules, writes Pascale Gelly, CIPP/E, for The Privacy Advisor. Internet service and telecom providers are the only entities currently subject to the breach notification obligation. "Any breach--loss, destruction, disclosure, distortion, unauthorized access--must be notified to the CNIL, without exception, whatever the severity level, without delay," writes Gelly, adding that if there is a particular risk to the data or individuals' privacy, individuals must be notified as well. Noncompliance could result in criminal sanctions of a maximum of five years of imprisonment, a fine of 300,000 euros and CNIL administrative sanctions up to 150,000 euros.
Full Story

0 Comments

If you want to comment on this post, you need to login

Related