Obowiązek zgłaszania naruszeń ochrony danych osobowych w jednostkach organizacyjnych

The article explains the process of notification of a personal data breach to the supervisory authority, in accordance with Article 33 of The General Data Protection Regulation (GDPR). The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. In case (preventive) security measures are breached and personal data is unlawfully processed, the controller must report such a breach to the supervisory authority within 72 hours, and possibly to affected data subjects as well. This is the case unless you can establish that the breach has caused no actual risks for the data subjects or other individuals. The article contains analysis of data breach notifications sent to data protection authorities by companies or other organizations.