In the last in a series of six articles based on the initial meeting of the Intelliflo GDPR Working Group to discuss the ramifications of the GDPR for financial advice firms, Rob Walton considers the question of breach reporting
Breach reporting is perhaps one of the most radical new requirements introduced by the GDPR. Under the GDPR, personal data breaches are defined as following "a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed". Most importantly, any breach - that meets the threshold of posing a risk to data subjects - will need reporting within 72 hours to the regulator. Where the breach poses a high risk to individuals' rights and freedoms, those individuals must also...
To continue reading this article...
Join Professional Adviser for free
Signup and gain exclusive members-only insights
- Unlimited access to real-time news, industry insights and market intelligence
- Stay ahead of the curve with spotlights on emerging trends and technologies
- Receive breaking news stories straight to your inbox in the daily newsletters
- Make smart business decisions with the latest developments in regulation, investing retirement and protection
- Members-only access to the editor’s weekly Friday commentary
- Be the first to hear about our events and awards programmes
