Data Breach

By | Monday May 25th, 2015

The Regulation requires the Controller to notify, without undue delay, the personal data breach to the supervisory authority. Whenever the personal data breach is likely to adversely affect the protection of the personal data, the privacy, the rights or the legitimate interests of the data subject, the Controller must also communicate the personal data breach to the data subject without undue delay.

This topic covers all aspects related to Data Breach such as, for example, how to define a correct organizational process to manage a data breach, how to estimate the brand and reputation damage in case an incident is disclosed, which contractual clauses to put in contracts with vendors and how to manage the communication following a data breach on social networks.

Category: Data Breach

About Alessandro Vallega

He is Security Business Development Director for Oracle EMEA. He has the responsibility to lead a cross functional team on the GDPR (General Data Protection Regulation, EU 679/2016) at EMEA level (marketing, legal, sales, training, technology). He founded and coordinates an external blog on the same topic ( He has defined a European methodology to evaluate the database security degree of a data center and the advantages of identity and access management technology. He founded in 2007 the Oracle Community for Security, and in that context led the creation of several publications about security and privacy in the cloud, with mobile, in the social media, in healthcare, on return on security investments, about the role of the CISO, and how to prevent frauds. He is an author of the Italian annual ICT Security Report by CLUSIT and he is part of the CLUSIT board of directors.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.