Created by the aptly named Data Breach Maps, this interactive map allows you to find out about country-specific data breach notification laws throughout Europe.
At present, European member states enforce their own data breach laws based on the 1995 Data Protection Directive, but there is expected to be huge upheaval for organisations across the union – and beyond – when new pan-European data breach notification obligations come in to force.
In January 2012 the European Commission proposed a major reform of the Data Protection Directive to bring its principles into line with 21st century technological advances and the global transfer of data. The Commission’s intention was to produce a single law – the General Data Protection Regulation (GDPR) – that unified data protection legislation and enforcement across Europe so that companies would only have to contend with one data protection law instead of 28. It is estimated that the GDPR will come into force in early 2017.
Until then, organisations must comply with local data breach notification legislation. The best, and easiest, way to do this is to implement a robust Information Security Management System (ISMS) to manage your data effectively. Information security is a broad approach that addresses the security of information in all forms and covers paper documents, physical security and human error as well as the handling of digital data.
ISO 27001 is the internationally recognised best-practice Standard that lays out the requirements of an ISMS and forms the backbone of every intelligent cyber security risk management strategy.
Organisations with multiple compliance requirements often seek certification to ISO 27001 as its comprehensive information security approach can centralise and simplify disjointed compliance efforts; it is often the case that companies will achieve compliance with a host of legislative requirements simply by achieving ISO 27001 certification.
IT Governance has created ISO 27001 packaged solutions to give European organisations online access to world-class expertise. Each fixed-priced solution is a combination of products and services that will enable you to implement ISO 27001 at a speed and budget appropriate to your individual needs.