Telecoms operators and internet service providers (ISPs) will no doubt be busy getting their houses in order this week as they prepare for the introduction of new regulations requiring mandatory disclosure of personal data breaches. - See more at: http://www.storetec.net/news-blog/telcos-and-isps-prepare-for-new-data-breach-disclosure-rules
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
Telcos and ISPs Prepare For New Data Breach Disclosure Rules
1. Telcos and ISPs Prepare For New Data Breach
Disclosure Rules
Facebook.com/storetec
Storetec Services Limited
@StoretecHull www.storetec.net
Telecoms operators and internet service providers (ISPs) will no doubt
be busy getting their houses in order this week as they prepare for
the introduction of new regulations requiring mandatory disclosure
of personal data breaches.
The European Union is bringing the rule into effect on Sunday (August
25th 2013) as part of an extension to the 2009 E-Privacy Directive. It
means that all such companies in Europe will have to notify national
authorities if any theft, loss or unauthorised access of their
customers' personal information occurs.
2. It includes emails, calling data and IP addresses and the notification
must contain details including the timing of the breach, the data
involved and whether or not anyone will be negatively affected by it.
They will also need to outline what is being done to address the
problem.
However, if the telecoms providers can demonstrate to regulators that
the "technological protection measures" in place mean the breached
data is "unintelligible to any person who is not authorised to access it",
they will be able to avoid the next step, which is notifying the individual
customers.
3. The European Commission has published a list of the measures it
considers as suitable for making personal data unintelligible, but it
means that encryption and online hosting from third parties could
become ever-more important in the future as firms seek to protect what
they store.
Not everyone is pleased with the new development, with Stewart Room
from law firm Field Fisher Waterhouse saying he thinks the regulations
requiring businesses to report data breaches within a day are
"controversial".
4. He told Computer Weekly: "It is hard to detect a substantive logic to
this measure and, in more practical terms, it is hard to see why such
rapid disclosure is needed."
But technology law specialist Luke Scanlon of Pinsent Masons said in
an article for Out-Law.com that the decision is likely to relate to the
possibility of the same laws being brought in for all kinds of companies
under the Draft Data Protection Regulation, something that was
proposed last year.
5. "It may be that the commission intends to evaluate the impact that a
24-hour notification period will have on these types of organisations. If
the evidence suggests that the notification requirement may not be as
burdensome as some have suggested in terms of cost and
administration for organisations subject to these requirements, the
commission may feel that it has a solid basis upon which to push
forward with its proposal," he pointed out.
This is something that has been campaigned against by Information
Commissioner Christopher Graham, who said in a speech at
Infosecurity Europe 2012 that it would result in the Information
Commissioner's Office (ICO) being "buried" under a mountain of emails
and telephone calls detailing data breaches, Computer Weekly
reported.
6. He also insisted that the current system of voluntary disclosure works
well because there is no temptation for companies to cover them up.
However, it may be that something does need to be done to ensure
that businesses are not taking unnecessary risks or just being careless
with personal information, particularly since so much of it is being
stored electronically these days.
Indeed, the ICO reported earlier this month that carelessness with data
data is still one of the main reasons for it to get lost or fall into the
wrong hands.
7. Sally-Anne Poole from the governing body said 'disclosed in error'
covers "everything from emails being sent to the wrong people to
information erroneously included in freedom of information responses".
Whether your business is in the telecommunications sector or not, it is
essential to have good data management practices in place. Proof of
this may be essential soon too, if the same rules are brought in for
other sectors as for ISPs and telcos.
If you're in need of some help with storage, encryption or any similar
issues, get in touch with Storetec today for professional, efficient help
and a great, effective solution.