
Recommended Reading: Data Breach and Potential Class Action in UK
Recommended Reading
Curated hyperlinks to content from around the web from the FTI experts you trust.
For anyone responsible for monitoring GDPR and the breach notification requirements, I wanted to call out an interesting matter that was summarized in a recent IAPP blog post. A UK-based company recently had a large data breach and complied with the 72-hour notification requirement, but now finds itself facing a potential "class action" lawsuit seeking damages equating to the maximum fine under the GDPR and citing Article 82, the "right to compensation and liability." It will be interesting to see if this goes through and if we see more of these types of suits.
A link to the full Paul Jordan IAPP post is available here on iapp.com »
-Deana