Forewarned is forearmed: the learnings to take from the Dutch data security breach regime

This briefing is part of a series of publications on the EU General Data Protection Regulation (the ‘GDPR’) which will apply in all Member States from 25 May 2018.

The sanction-heavy GDPR, with its mandatory breach notification regime, will be upon us in less than 18 months, and businesses are well advised to start preparing and implementing a plan now to ensure that they will be compliant. To assist with such plans, this briefing looks at what lessons can be learnt from the mandatory data security breach regime in the Netherlands, as well as practical learnings from previous incidents which we have advised on.

This article was first published in Privacy Laws & Business UK Report, Issue 89 (January 2017).