Developing a GDPR-Ready Incident & Breach 72-Hour Action Plan | PrivacyConnect
 

Developing a GDPR-Ready Incident & Breach 72-Hour Action Plan

Download Associated PDF

Under the GDPR, controllers are now required to notify their supervisory authority when a personal data breach occurs, unless it is unlikely to result in risks to the rights and freedoms of individuals. The notification needs to be done without undue delay, no later than 72 hours after the controller has become aware of the breach (with some exceptions). It is crucial for privacy practitioners to understand the details of this tight timeline as well as the risk-based trigger, and what they entail. In this session, Tim Van Baelen ,Advisor at KPMG,  and Joris Weyn, Senior Manager at KPMG, review the personal data breach rules under the GDPR and provide tips to help you map out a 72-hour personal data breach action plan.

Presented by:
Tim Van Baelen, Advisor at KPMG
Joris Weyn, Senior Manager at KPMG

Join the Conversation #PrivacyConnect

Get Connected with Your Peers