What does our organization need to do in connection with a personal data incident?
If the incident could result in data subjects being exposed to serious risks, your organization must notify the regulatory authority if possible within 72 hours of discovery. In some cases, the registered must also be informed of the risks. This is regulated in Articles 33 and 34 of the Data Protection Regulation. In connection ...läs mer