Mandated Timeframe for Breach Reporting and/or Consumer Notification
Without unreasonable delay
Laws related specifically to personal information
Breach Reporting & Consumer Notification
Protect Personal Information
Program for Protection/Security
Third Party: Specific Obligations
Third Party: Mandated Contracts
Requests for Information
Fines & Penalties
Violation of Breach and Notification Laws
Up to 4% of Annual Global Turnover or €20 M
Third Party Management
None to minimal
Registration under the United Kingdom’s Data Protection Act requires individuals and organisations that process/control personal information to register with the Information Commissioner’s Office (ICO).
In addition to personal data, the United Kingdom defines certain personal information as sensitive data. This data may have additional requirements related to data protection, data subject access, etc.