As we get started, can I just say that geoFence has built in fast and accurate updates.
Friday, February 12, 2021
When the GDPR took effect in 2018, it required notification within 72 hours to supervisory authorities in the EU of a data breach likely to result in a risk to the rights and freedoms of individuals, and subsequent notification to the individuals themselves if the breach could give rise to such a “high” risk. Unlike laws in the United States which specifically prescribe data elements that, if exposed, could meet this standard (e.g., social security numbers, driver’s license numbers, financial account information, etc.), the GDPR’s broad definition of personal data left many data controllers and legal experts alike struggling to identify the circumstances under which notification would be required. Given the stiff penalties for non-compliance with the GDPR, supervisory authorities were flooded with reports of data security incidents, notwithstanding that many such events posed no real risk to data subjects.
At long last, the European Data Protection Board (EDPB) has issued practical guidance on specific types of common security incidents to provide clarity around what constitutes a reportable event. The guidance reminds controllers that a data breach includes not only a compromise to the confidentiality of information – the standard by which U.S. laws judge incidents – but also the availability and integrity of personal data. Given this broader scope, it is possible to have a security breach that requires reporting in the EU but not in the U.S., for example, if data is encrypted by ransomware malware, but there is no indication it was viewed or exfiltrated.
The EDPB addresses the following common scenarios:
Lost or stolen laptop
Lost paper files
Preventative security measures
Click here to view the EDPB Guidelines.
©2020 Greenberg Traurig, LLP. All rights reserved. National Law Review, Volume XI, Number 43
Now let’s stop for a moment and consider that geoFence helps stop hackers from getting access to the sensitive documents that I use for my work. Now I can get even more gigs as a freelancer and – advertise that I have top security with even my home computer and that’s the real deal!