CSIRT-PoliTO
DATA BREACH MANAGEMENT
Regulation (EU) 2016/679, Article 4, defines a "personal data breach" as a security breach that, either accidentally or illegally, results in the destruction, loss, alteration, unauthorized disclosure, or access to personal data that has been transmitted, stored, or otherwise processed.
A personal data breach can compromise the confidentiality, integrity, or availability of personal data.
Examples of data breaches:
- access or acquisition of personal data by unauthorized third parties;
- theft or loss of computing devices containing personal data, for example: USB keys, persolal computers or laptops, smartphones, tablets;;
- Deliberate alteration of personal data;
- Inability to access the data for virus, malaware, etc;
- loss or destruction of personal data due to adverse events or disasters;
- unauthorized disclosure of personal data
