UK: Data breach reporting law set for four-year rollout

[security curmudgeon <jericho () attrition org>]

http://www.zdnet.co.uk/news/compliance/2010/07/19/data-breach-reporting-law-set-for-four-year-rollout-40089566/

http://www.silicon.com/management/public-sector/2010/07/16/uk-headed-for-data-breach-disclosure-law-within-four-years-39746105/

Data breach reporting law set for four-year rollout
By Nick Heath, silicon.com, 19 July, 2010 09:13

NEWS

A law forcing all organisations to publically declare data breaches is 
expected to be in place in the UK within four years.

According to lawyers at law firm Field Fisher Waterhouse (FFW), 
legislation requiring organisations to notify the relevant authorities as 
well as individuals affected in the event of a serious security breach 
involving personal data will be introduced across Europe.

Eduardo Ustaran, head of the privacy and information law group at FFW, 
said the law will be introduced under an amendment to the 1995 EU Data 
Protection Directive, which is currently being reviewed by the EU 
Commission.

[..]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php