Countless Letter
Notifications About Data Breaches, Free Credit Monitoring, and Class Action Lawsuits
Not exact matches
The GDPR carries strict rules for
breach notifications, and Uber would probably have broken at least three: not properly protecting the
data, not telling regulators
about the hack, and not informing its customers until a year later.
For further
about data breach notification requirements of the My Health Records Act see OAIC's Guide to mandatory
data breach notification in the My Health Record system.
Facebook didn't alert users that Cambridge Analytica was in possession of wrongfully obtained
data, even though it knew
about it for years, and although the company says it's going to alert everyone effected, without a federal
data breach notification requirement, there's nothing preventing the company from deciding to keep users in the dark again.
The GDPR will implement more stringent operational requirements for processors and controllers of personal
data, including, for example, requiring enhanced disclosures to
data subjects
about how personal
data is processed, limiting retention periods of personal
data, requiring mandatory
data breach notification, and requiring additional policies and procedures to comply with the accountability principle under the GDPR.
If users» information was compromised by Cambridge Analytica, their
notification will have additional language
about the
breach; and when directed to «Apps and Websites,» Facebook will explain what
data may have been exposed.
November 24, 2017: Imgur, the online image - sharing community, had a lot to be thankful for on Thanksgiving — until it received a
notification that day
about a possible
data breach from 2014.
With Australia's new
data breach notification laws coming into effect next month, gathering and securing sensitive information
about customers and their deposits will be more onerous than ever.