Mandated Timeframe for Breach Reporting and/or Consumer Notification

Within 72 Hours
Laws related specifically to personal information
  • Breach Reporting & Consumer Notification
  • Protect Personal Information
  • Program for Protection/Security
  • Third Party: Specific Obligations
  • Third Party: Mandated Contracts
  • Employee Training
  • Data Disposal/Destruction
  • Risk Assessment
  • Requests for Information
Fines & Penalties

Violations of Breach and Notification Laws:
- Up to 4% of annual global turnover or €20 M

Regulation Levels
  • Breach Reporting
  • Consumer Notifications
  • Third Party Management
  • Data Protection
Level Description
  • None to minimal
  • Basic Requirements
  • Comprehensive Requirements
  • Extensive Requirements
Quick Facts
  • The General Data Protection Regulation (GDPR) is a comprehensive regulation designed to address most aspects of personal data processing within the European Union. This regulation protects the personal information of all individuals in the EU, you may be applicable to GDPR requirements.
  • Member States are encouraged to establish their own country-specific codes of conduct.
    If your business is located and/or handles personal information from individuals in one or more Member States, you may have additional requirements with which you must comply.
  • Both Processors and Controllers (unless exempt) must maintain an extensive log of all data processing activities.
Statutes and Laws
  • EU GENERAL DATA PROTECTION REGULATION (GDPR): REGULATION (EU) 2016/679

BAck to map