Go Back
Rules of disclosure
24 January 2012
As part of a new data protection bill to be proposed by the European Commission on Wednesday, firms will be obliged to notify users and the authorities about data lost through hacks or security breaches within 24 hours.
NCC Group, which has long called for rules of disclosure, welcomes the proposed law, but raises concerns about its limitations.
Rob Cotton, CEO of NCC Group, comments:
“This is a hugely positive step. We’ve long been calling for organisations to be legally compelled to declare data losses.
“Companies need to take responsibility for the data they own. It’s vital for end users to be aware of compromised information so that they can take protective steps like changing passwords, but more openness around corporate data breaches will also help to reduce stigma, and assist organisations in taking appropriate action faster.
“One concern over the strength of the proposal is that it isn’t just end users and authorities who should be informed of data losses, but all stakeholders. Everyone from end users to investors has a right to be well informed with regards to the security of a company’s data.
“The proposed bill is to be welcomed, and we’re keen to see it become law in as strong and effective a manner as possible.”
Category: Latest Industry News