Beyond GDPR: New Privacy Regulations in 2018

by Monica Dubeau

January 8, 2018

Preparing for the EU General Data Protection Regulation (GDPR) has been the top priority for privacy professionals in recent months. GDPR, which goes into effect May 25, 2018, includes some of the tightest data breach notification deadlines and potential penalties of any privacy regulation globally.

However, lurking in the shadow of the GDPR are other changes to data breach notification regulations that are likely to take effect in 2018. Privacy professionals globally need to take note and prepare for these changes as well. Below are a few of the notable regulations globally that are going into effect.

The Notifiable Data Breaches Scheme in Australia, which goes into effect on February 22, will require Australian businesses and government agencies to notify affected individuals of data breach incidents that pose a likely risk of serious harm as soon as practical. Notification to the Australian Information Commissioner will also be required.

Additionally, Canada’s mandatory notification requirement under the federal Personal Information Protection and Electronic Documents Act 2000 (PIPEDA) is expected to be enforced in early 2018. Under PIPEDA, notification to the individual and the Office of the Privacy Commissioner of Canada will be required when there is a real risk of significant harm to the affected individual.

In the U.S., Maryland and Delaware both recently amended their current data breach notification statutes. Both states are following in the footsteps of several other states by imposing tighter notification timeframes. Maryland implemented a 45-day notification timeline, and Delaware will require affected individuals to be notified within 60 days. Additionally, both states have expanded upon their definition of personal information. Maryland’s revisions took effect January 1, and Delaware’s take effect April 14.

Data breach notification requirements are constantly evolving, and organizations globally must ensure they keep up to date with the changes to remain compliant. It is not too soon to consider future requirements and how it will affect your business practices.

Learn how the Resilient Incident Response Platform can help make your privacy breach notification process fast, efficient, and compliant.

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *

11 + 17 =

View Our Additional Resources

  1. Cyber Security in 2017 and the Year Ahead: The Fifth-Annual Year-in-Review and Predictions Webinar


    Cyber Security in 2017 and the Year Ahead: The Fifth-Annual Year-in-Review and Predictions Webinar

    In IBM Resilient’s fifth-annual year-in-review and predictions webinar, our panel of cyber experts will discuss and debate the trends and stories that defined cyber security in 2017, and offer their predictions for what to expect in 2018. This year, we are also live streaming the event on Twitter for more engagement.

    Watch Now
  2. Six Steps for Building a Robust Incident Response Function


    Six Steps for Building a Robust Incident Response Function

    To overcome today’s top security challenges, organizations are increasingly seeking to orchestrate their incident response (IR). They aim to build agile, measurable IR workflows, increase communication and coordination, and arm their team with the right tools and intelligence.

    Download Now
  3. Top Global Research Laboratory


    Top Global Research Laboratory

    Learn how a top global research laboratory replaced its ticketing system with a purpose-built Incident Response Platform (IRP) -- and enabled its team to increase the effectiveness and efficiency of its security operations team.

    Download Now
  4. Improving Response with Orchestration and Automation: Ask Bruce


    Improving Response with Orchestration and Automation: Ask Bruce

    To effectively respond to today's complex cyberattacks, security teams need to coordinate their people and technology throughout the entire incident response (IR) process. When IR orchestration is supported by automation, organizations can accelerate their response and make their IR team more intelligent. In this video, IBM Resilient CTO Bruc...

    Watch Now