| Name of regulation | ||
|---|---|---|
| The minimal content of the personal data breach notification | ||
| Citation | ||
| The notification referred to in paragraph 1 shall at least: (a) describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned, and the categories and approximate number of personal data records concerned; (b) communicate the name and contact details of the data protection officer or other contact point where more information can be obtained; (c) describe the likely consequences of the personal data breach; (d) describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects. |
||
| Legislative localisation | Chapter IV, Section 2, Article 33, Paragraph 3 | |
| Regulation's subject matter | Notification of a personal data breach to the supervisory authority (Article 33, Section 2, Chapter IV) | |
| Regulation category |
Obligation
Indirect right |
|
| Regulation subcategory |
Principle or rule
|
|
| Actors concerned | ||
| Obligation | Controller |
|
| Indirect right | Supervisory authority |
|
| Related actors | Data protection officer Data subject |
|
| Knowww link | https://knowww.eu/nodes/5a0595ea4b5b5f00019038b9 | |