The General Data Protection Regulation (GDPR) has introduced new security obligations. In particular, it requires that data breaches – a loss of availability, integrity or confidentiality of personal data – be notified to the National Commission for Informatics and Liberties (Cnil) as soon as a risk is generated for the rights and freedoms of the persons concerned. The opportunity for the French authority to list these incidents. She just made it the balance sheet over the period May 2018 (entry into force of the GDPR) to May 2023.
Two thirds of notifications from the private sector
The CNIL thus received 17,483 notifications for personal data breaches, including two thirds come from the private sector with 39% SMEs. For his part, the public sector represented 22% of notifications. Public administrations represent 18% of notifications. On the private side, specialized, scientific and technical activities are the most represented, followed by financial and insurance activities.
Advertisement
(…)
This article is reserved for our DPO Club subscribers
Support expert journalism.
Log in
Selected for you
Advertisement