Network and Information Security Directive

EU Breach Notification Requirements Under the GDPR and NIS Directive: Are You Ready?

EU General Data Protection Regulation data breach notification requirements Network and Information Security (NIS) Directive security incident notification requirements

Data breach notification requirements are going global. By spring 2018, companies operating in the European Union must comply with the new General Data Protection Regulation’s (GDPR) data breach notification requirements and the Network and Information Security (NIS) Directive’s security incident notification requirements. Stricter and more far-reaching notification obligations underscore the importance of establishing a proactive Security Incident Response Policy to analyze potential legal obligations and prepare to respond to incidents long before they occur.

READ MORE

European Parliament Passes Long-Anticipated Network and Information Security Directive

NIS Directive

On July 6, 2016, the European Parliament passed the Network and Information Security (“NIS”) Directive, over three years after the initial draft was proposed.  The Directive will enter into force in August 2016.  EU Member States will then have 21 months to transpose the Directive into their national laws and 6 additional months to identify the operators of certain essential services that are subject to the Directive’s requirements.

READ MORE