|
Post by juthi52943 on Jan 4, 2024 3:17:20 GMT
Is it possible to identify the place of publication of this data? What categories of people were affected by the attack? How many people were affected by the breach and how many records might be affected? An initial assessment of the risk of violating the rights and freedoms of natural persons should be carried. Out within hours of the disclosure of the attack. Processors Job Function Email List are obliged to inform data controllers without undue delay - regardless of the risk - and support them in fulfilling their legal obligations (in accordance with Article ( )(f) and Article ( ) of the GDPR). Assessing the impact of a cyberattack on data subjects Based on the conducted cyber investigation, the administrator is obliged to determine the risk of violating the rights and freedoms of natural persons. It should carry out an analysis to determine whether there has been a violation of the rights and freedoms of data subjects, taking into account the nature, scope, context and purposes of processing. Based on recital of the GDPR, it can be indicated that when assessing the risk of violating the rights and freedoms of natural persons, the seriousness of the event resulting from the breach should be taken into account.
|
|