PLEASE NOTE: Our website uses a technology called cookies to improve your experience. One of the cookies we use is essential for parts of the site to operate and may have already been set. You may delete and block all cookies from this site, but parts of the site will not work. For more information see our privacy policy.

To accept cookies from this site (and hide this notice) please check this box and click the continue button.

HomeThe IssuesOur ServicesOur TeamPublicationsTestimonialsNewsletterContact us

Ireland consults on compulsory breach notification

The “creep” of compulsory breach notification continues with the Irish Data Protection authority publishing a draft code of practice which would mean notification to the commissioner of any loss of over 100 personal records – providing that the data lost was not encrypted or password protected. But the draft code stops short of requiring companies to tell customers if their data is lost saying only that they must “give immediate consideration to informing those affected”.

Breach notification to individuals is now ubiquitous in the USA and there is a significant chance that the new European Directive will include such a measure. Sadly, evidence from the States suggests that individuals soon become “breach blind” and fail to react when they are sent multiple notices of data loss.

Other recent items: