Blog and News

Dutch Mandate Data Breach Notifications and Larger Fines

Mike Morrissey - 11 January 2016

On January 1st 2016, the Dutch brought into affect a new new law which makes it compulsory for Data Controllers to report a data breach to the Dutch Protection Authority. In addition the DPA may also issue direct fines for violations of the Data Protection Act, up to €820,000.

Dutch Mandate Data Breach Notifications and Larger Fines

Data Breach Notification will be mandatory where the loss of data could have adverse consequences upon data subjects. An exception to this will be circumstances where the data is encrypted or otherwise unintelligible to third parties.

On the 9th December, 2015, the DPA published practical guidance , courtesy of Hunton Privacy Blog, on when a Data Breach Notification should occur.

Interestingly, the new fines may be triggered when there has been a failure to report a data breach to the DPA.

The Dutch DPA's press release may be read here.

Previous Post

Data Subject Rights

Next Post

The Definitive Summary of the General Data Protection Regulation

0 Comments