Articles

The Belgian Privacy Commission publishes a recommendation on data breaches

The Belgian Privacy Commission publishes a recommendation on data breaches

The Belgian Privacy Commission publishes a recommendation on data breaches

25.02.2013 BE law

As a consequence of certain recent data compromise cases, the Belgian Privacy Commission on 21 January 2013, has published a recommendation (01/2013) on security measures to be taken to avoid data breaches (the “Recommendation”).

The main points of the Recommendation can be summarised as follows:

  1. The Commission proposes some general measures to be taken, such as for example the implementation of at least three DMZ-zones to separate the local network from devices connected to the Internet;
  2. The Commission refers to the guidelines on information security of personal data which were published in June 2012 for a specific overview of measures;
  3. The Commission insist that data breaches be notified within 48 hours and that a public information campaign should be undertaken within 24 to 48 hours after the notification to the Privacy Commission;
  4. Based on its finding that Article 16, §4 of the Belgian Data Protection Act (the obligation to take all necessary technical and organisational measures) is not sufficiently complied with, the Commission announces that it will address the parliament to ask for the necessary competences to make its recommendations on the necessary security measures enforceable. Pending this request, the Commission shall use all its powers to ensure that data controllers breaching their obligations under Article 16, §4 of the Data Protection Act, are held legally liable for this. To this end, it will notify the public prosecutor of any such violation of the Data Protection Act of which it gains knowledge.

The full recommendation can be found on:

http://www.privacycommission.be/fr/recommandation-prevention-fuites-donnees

Team

Related news

07.08.2018 NL law
General Data Protection Regulation comes into effect

Short Reads - On 25 May 2018, the European Union's General Data Protection Regulation (GDPR) came into effect. The GDPR replaces the EU's prior directive governing the processing and transfer of personal data, which was in place since 1995. As a regulation, the GDPR is directly applicable in all 28 EU member states and thus removes the need for national implementing legislation. However, the GDPR allows member states discretion in certain areas, as a result of which national legislation may still be implemented. In the Netherlands, the GDPR Implementation Act came into effect on 25 May 2018.

Read more

12.07.2018 NL law
Algemene verordening gegevensbescherming van toepassing

Short Reads - Vanaf 25 mei 2018 zijn de Algemene verordening gegevensbescherming (Verordening (EU) 2016/679) (AVG) en de Uitvoeringswet Algemene verordening gegevensbescherming (Uitvoeringswet) van toepassing in Nederland. De AVG en de Uitvoeringswet vervangen de richtlijn betreffende de bescherming van natuurlijke personen in verband met de verwerking van persoonsgegevens (Richtlijn 95/46/EG) en de Wet bescherming persoonsgegevens (Wbp).

Read more

Our website uses cookies: third party analytics cookies to best adapt our website to your needs & cookies to enable social media functionalities. For more information on the use of cookies, please check our Privacy and Cookie Policy. Please note that you can change your cookie opt-ins at any time via your browser settings.

Privacy – en cookieverklaring