67 Notification of a personal data breach to the Commissioner
Data Protection Act 2018 (2018 c 12) | Legislation

Obligations relating to personal data breaches

67  Notification of a personal data breach to the Commissioner

(1)     If a controller becomes aware of a personal data breach in relation to personal data for which the controller is responsible, the controller must notify the breach to the Commissioner—

(a)     without undue delay, and

(b)     where feasible, not later than 72 hours after becoming aware of it.

(2)     Subsection (1) does not apply if the personal data breach is unlikely

Powered by Lexis+®
 

Popular documents

LEXISNEXIS

Motor claims in the Portal—a practical guide (Stage 1)

Motor claims in the Portal—a practical guide (Stage 1)The Pre-Action Protocol for Low Value Personal Injury Claims in Road Traffic Accidents—30 April 2013 onwardsSTOP PRESS: A new RTA small claims protocol for whiplash claims comes into effect for accidents occurring on or after 31 May 2021. The

LEXISNEXIS

Qualified one-way costs shifting (QOCS)

Qualified one-way costs shifting (QOCS)What is QOCS?Qualified one-way costs shifting (QOCS) was introduced on 1 April 2013 as part of the Jackson costs reforms following the removal of a claimant’s right to recover additional liabilities from the defendant, ie success fees and after the event (ATE)

LEXISNEXIS

Possession with intent to supply

Possession with intent to supplyPossession with intent to supply a controlled drugIt is an offence for a person to have a controlled drug in his possession, whether lawfully or not, with intent to supply it to another in contravention of section 4(1) of the Misuse of Drugs Act 1971 (MDA

LEXISNEXIS

Debt for equity swaps

Debt for equity swapsA popular restructuring method is a debt for equity swap; financial creditors receive equity in the restructured vehicle in return for reducing or cancelling their debt claims against the company (and the rest of the group).Many highly levered deals have thin equity cushions and