BreachExchange mailing list archives
Ireland Considers Detailed Data Loss Disclosure Guidelines
From: security curmudgeon <jericho () attrition org>
Date: Thu, 10 Jun 2010 14:51:10 -0500 (CDT)
http://www.pcworld.com/article/198474/ireland_considers_detailed_data_loss_disclosure_guidelines.html Ireland Considers Detailed Data Loss Disclosure Guidelines Jeremy Kirk, IDG News Ireland is considering beefing up its data protection rules with more detailed guidelines for when an organization should report a data breach. The proposed code of practice has been published by the Office of the Data Protection Commissioner on its Web site and is open for public comment through June 18. The code of practice details the reporting obligations for data handlers under Ireland's Data Protection Acts. As in the U.K., Ireland has had its share of high-profile data breaches, which likely spurred the creation of the code of practice, said William Malcolm, a privacy lawyer with the law firm Pinsent Masons. The code of practice would require organizations to report a breach within two working days with some exceptions if strong security measures are implemented. The report would include the nature of the data compromised, what action is being taken, how people have been informed or the reason for not informing people, actions taken to limit distress to those affected and a chronology of events. All breaches that result in the loss of personal data affecting more than 100 people would have to be reported unless the personal data was encrypted to a "high standard" with a strong password and that password had not been compromised. [..] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Ireland Considers Detailed Data Loss Disclosure Guidelines security curmudgeon (Jun 10)