Title: Personal Data Breaches. A Feasibility Study on a Cyber Exercise
Publisher: Publications Office of the European Union
Publication Year: 2013
JRC N°: JRC78087
ISBN: 978-92-79-28188-4 (print)
978-92-79-28187-7 (pdf)
ISSN: 1018-5593 (print)
1831-9424 (online)
Other Identifiers: EUR 25251 EN
OPOCE LB-NA-25251-EN-C (print)
OPOCE LB-NA-25251-EN-N (online)
URI: http://publications.jrc.ec.europa.eu/repository/handle/JRC78087
DOI: 10.2788/79792
Type: EUR - Scientific and Technical Research Reports
Abstract: The Directive 2009/136/EC (amending Directive 2002/58/EC) introduces a new obligation for the providers of electronic communication services to notify data breaches to the competent authorities and the individuals affected by the data breach. In particular, in the context of the European Single Market a data breach easily discloses a cross-border dimension which should be addressed specifically within the scope of the above mentioned Directive. Immediate notifications involving various actors and across various fields of competences and scope will obviously require well-planned and coordinated processes of communication. Hence these processes should be continuously tested and further improved. Nevertheless little experience does exist which is the driving force to plan for structured exercises concerning the applicability of the Directive. It is therefore of utmost interest to start undertaking a personal data breach exercise similar to other cyber exercises. This document contains a feasibility study with which such a personal data breach exercise could be started. The feasibility study proposed an executable first plan, its key elements, a provisional timeline and, most importantly, a summary of human and financial resources needed.
JRC Directorate:Space, Security and Migration

Files in This Item:
File Description SizeFormat 
lbna25251enn.pdf1.44 MBAdobe PDFView/Open

Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.