Luck of the Irish? Data Breach Trends from the First Year of the GDPR (Data Protection Commission Ireland)

In this recently published information note (October 2019), the Data Protection Commission (DPC) Ireland shares country-specific statistics and trends related to data breach notifications during the first year of GDPR.

en flag
nl flag
fi flag
fr flag
de flag
pt flag
es flag

Editor’s Note: The Data Protection Commission (DPC) is the Irish supervisory authority for the General Data Protection Regulation (GDPR). It also has functions and powers related to other critical regulatory frameworks, including the Irish ePrivacy Regulations (2011) and the EU Directive known as the Law Enforcement Directive. In this recently published information note (October 2019), DPC Ireland shares country-specific statistics and trends related to data breach notifications during the first year of GDPR.

Extract from DPC Ireland Report on GDPR Data Breach Trends

Data Breach Trends from the First Year of the GDPR*

This information note is intended to give an overview of the trends observed by the Data Protection Commission (DPC) over the first year of the mandatory breach reporting regime introduced by the General Data Protection Regulation (GDPR). The statistics and trends discussed in the report capture all data breach notifications received in the first year since the 25th of May 2018, and the total number of breach notifications received by the DPC during that time amounted to 5,818. Of all breach notifications received by the DPC, approximately 4% have been classified a ‘non-breaches’ and did not meet the definition of a personal data breach as per Article 4(12) GDPR.

Since the introduction of the new breach reporting regime, the DPC’s Breach Assessment Unit has undertaken an analysis of breach notifications received from areas within the public and private sector, including those notified by: the financial sector; the insurance sector; the telecommunications industry; the healthcare industry; and law enforcement. Some of the trends and issues identified while conducting theses reviews and from the processing of notifications include late notifications; difficulty in assessing risk ratings; failure to communicate the breach to data subjects; repeat breach notifications; and inadequate reporting.

Review the Complete Report (PDF)

Info Note_Data Breach Trends 2018-19_Oct19

Read the original information note at Data Breach Trends from the First Year of the GDPR

* Copyrighted information note shared by permission of Regulations on the Re-use of Public Section Information

Additional Reading

Source: ComplexDiscovery

ComplexDiscovery combines original industry research with curated expert articles to create an informational resource that helps legal, business, and information technology professionals better understand the business and practice of data discovery and legal discovery.

All contributions are invested to support the development and distribution of ComplexDiscovery content. Contributors can make as many article contributions as they like, but will not be asked to register and pay until their contribution reaches $5.