Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Isle of Man: Information Commissioner publishes revised personal data breach documents
The Information Commissioner published, on 16 January 2023, a revised personal data breach report, together with additional guidance for data controllers. In particular, the Information Commissioner noted that the revised personal data breach form continues to incorporate fields for all the information that a controller is required to provide to the Information Commissioner when notifying a personal data breach in accordance with Article 33(3) of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). Moreover, the guidance on personal data breach reporting provides actions that should be considered within the initial investigation and risk assessment of the breach. Furthermore, the Information Commissioner highlighted that the guidance on 'personal data breach reporting – assessing the risk' reflects the European Data Protection Board ('EDPB') Guidelines 9/2022 on personal data breach notification under the GDPR.
You can read the press release here, the breach notification form here, and guidelines here and here.