Supporting Programme 2018
OneTrust - Development of a DSGVO-compliant 72-hour action plan for incidents and data breaches
Under the DSGVO, controllers are required to inform the competent supervisory authority if there is a breach of the protection of personal data, unless the breach is not likely to pose a risk to the rights and freedoms of natural persons. The notification must take place immediately and within 72 hours after the person responsible became aware of the injury (with some exceptions). It is critical for companies to understand their commitments, the details of this tight schedule, the risk-based triggers and their impact. At this session we will discuss the DSGVO rules on breaches of personal data protection and give you tips on how to establish a 72-hour action plan for such breaches.
--- Date: 10.10.2018 Time: 4:15 PM - 4:30 PM Location: Forum T9 - Technology