Since the obligation to report data breaches was introduced on January 1, 2016, 5500 reports have been made to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP). The majority of reports come from hospitals, insurance companies, banks, pension funds and municipalities.
The obligation to report data breaches is part of the Personal Data Protection Act (WBP) and is meant to ensure that organisations deal more consciously with the storage of personal data and its security. The 5500 reports were counted from 1 January to 15 December 2016. At the beginning of October there were 3400.
Reports this year came especially from organisations that work a lot with sensitive data such as health data, financial data, and/or the social security number (SSN). 29 percent of the reports came from the health and well-being sector. 17 percent of the notifications were made by companies in the financial services industry. 15 percent of the reports came from public administration, such as municipalities.
By accident
These mostly concern data breaches in which data accidentally ends up with someone else, such as a misdirected letter, an e-mail sent to the wrong recipient, or a portal displaying the wrong data. In addition, the loss of a USB memory stick with personal data or a stolen laptop is commonly reported, according to a summary by the AP.
Fines
Of the now more than 5500 reports, the AP has carried out an initial policy investigation in 4000 cases. About a hundred organisations received a warning from the authority as a result. In a few dozen other cases, the AP is carrying out a more in-depth investigation.
In the worst case, the AP can impose a fine of up to 820,000 euros. This year, the authority has not yet imposed any fine. AP president Aleid Wolfsen warned of such fines earlier this year. He did indicate that the authority still needs to grow as an organisation, so that the AP can also act as a privacy ombudsman to whom citizens can complain.
European law
On May 25, 2018, the new European privacy regulation comes into force, which lays down that companies must be more transparent about the way data are processed. Citizens must be able to easily inspect their own data and have it removed.
Under the new system, European privacy supervisors such as the AP can hand out fines of up to twenty million euros, or 4 percent of a company's worldwide turnover.
This article comes from Computable.nl (https://www.computable.nl/artikel/5912534). © Jaarbeurs IT Media.