General
A security breach is a breach in security that results in the accidental or unlawful destruction of personal data that is transmitted, stored or otherwise processed, or in the loss, alteration, disclosure or unauthorized access to that data.
Organisations and others who work with personal data
An alert must be made immediately, preferably within 3 days after the safety breach was notified. If the time limit has passed, the reason for the delay must be stated in the notification.
Individuals can send tips about a potential security breach to the Data Protection Authority.
Examples of safety failures
Examples may be when:
data is accidentally deleted
personal data to be kept secret is published by mistake
encryption key, which connects the identities of individuals and encrypted information, is lost.
includes breach of confidentiality - unauthorized or mistaken sharing of personal data or unauthorized access to it.
leads to information becoming inaccessible – loss of access to personal data or destruction of personal data by mistake or without permission.
includes a change to personal data – a change to personal data by mistake or without permission.
If there is doubt as to whether a notification obligation exists, it is recommended to send a notification to the Data Protection Authority or to contact by telephone during opening hours and request instructions.
It is noted that it may be necessary to also inform those individuals who are affected by a safety breach.
Service provider
Data Protection Authority