Articles

The Belgian Privacy Commission publishes a recommendation on data breaches

The Belgian Privacy Commission publishes a recommendation on data breaches

The Belgian Privacy Commission publishes a recommendation on data breaches

25.02.2013 BE law

As a consequence of certain recent data compromise cases, the Belgian Privacy Commission on 21 January 2013, has published a recommendation (01/2013) on security measures to be taken to avoid data breaches (the “Recommendation”).

The main points of the Recommendation can be summarised as follows:

  1. The Commission proposes some general measures to be taken, such as for example the implementation of at least three DMZ-zones to separate the local network from devices connected to the Internet;
  2. The Commission refers to the guidelines on information security of personal data which were published in June 2012 for a specific overview of measures;
  3. The Commission insist that data breaches be notified within 48 hours and that a public information campaign should be undertaken within 24 to 48 hours after the notification to the Privacy Commission;
  4. Based on its finding that Article 16, §4 of the Belgian Data Protection Act (the obligation to take all necessary technical and organisational measures) is not sufficiently complied with, the Commission announces that it will address the parliament to ask for the necessary competences to make its recommendations on the necessary security measures enforceable. Pending this request, the Commission shall use all its powers to ensure that data controllers breaching their obligations under Article 16, §4 of the Data Protection Act, are held legally liable for this. To this end, it will notify the public prosecutor of any such violation of the Data Protection Act of which it gains knowledge.

The full recommendation can be found on:

http://www.privacycommission.be/fr/recommandation-prevention-fuites-donnees

Team

Related news

07.12.2018 BE law
GDPR-roundtable on practical questions encountered during implementation

Roundtable - After the success of the roundtable sessions we held before the GDPR took effect (in May this year), our TMT team is enthusiastic about the session of 7 December, focusing on the lessons we have learned from working on multiple GDPR-matters in the past year. We will tackle some practical questions that we have encountered and that are not or cannot be readily answered by the new regulation.

Read more

07.12.2018 BE law
Virtual Currency Regulation Law Review

Articles - The first edition of the Virtual Currency Regulation Law Review is intended to provide a practical, business-focused analysis of recent legal and regulatory changes and developments, and of their effects, and to look forward at expected trends in the area of virtual currencies on a country-by-country basis.

Read more

20.11.2018 NL law
Seminar 'Personal data from a broader perspective: overlap inside and outside the privacy domain'

Seminar - On 20 November 2018, Stibbe will host a seminar on privacy. Several Stibbe lawyers will discuss personal data from a broader perspective and the overlap that can occur inside and outside the legal privacy domain.

Read more

Our website uses cookies: third party analytics cookies to best adapt our website to your needs & cookies to enable social media functionalities. For more information on the use of cookies, please check our Privacy and Cookie Policy. Please note that you can change your cookie opt-ins at any time via your browser settings.

Privacy – en cookieverklaring