Email addresses and data breaches
Assign topic to the user
We have recorded this in house in the Data Breach Register, recalled the messages to minimize the impact and taken steps to prevent it happening again.
However I am unable to ascertain if this would require reporting to the ICO. My interpretation is that this would not constitute a risk for the rights and freedoms of individuals and therefore would not require reporting to the ICO. Please can you advise.
Answer:
If the only data that was disclosed to unauthorized recipients are email addresses then I would say is safe to say that there is no risk to the rights and freedoms of the data subjects and is not necessary to notify the ICO.
To learn more about data breaches check out our webinar “A How-to Guide for GDPR Data Breach Notifications” (https://advisera.com/eugdpracademy/webinar/a-how-to-guide-for-gdpr-data-breach-notifications-free-webinar-on-demand/).
Comment as guest or Sign in
Jul 28, 2018