European businesses face mandatory-disclosure law
Public and private sector businesses will soon be hit by mandatory-disclosure legislation. This means that any breach of personally identifiable information will have to be reported, and any person likely to be affected will have to be contacted. The necessary processes and procedures will also have to be transparent for audit.
In mid-November, the European Commission will publish the new version of its Data Protection Directive, the legislation on which the Data Protection Act is based, and among the new measures will be instructions on data processing. This has been some time coming, with an estimated 82% of CIOs in favour of mandatory breach disclosure. Whether this is to raise the bar on threat analysis and mitigation response, or an attempt to “out” those that blatantly flout data protection laws, is anyone’s guess. However, it may just encourage businesses, small and large, regulated and unregulated, to finally attempt to get their house in order. I, for one, am behind this all the way. Do I have an ulterior motive? Watch this space.

