Craig Hoffman of BakerHostetler writes:
This compendium represents our global experience in this field. While it is not a substitute for legal advice, it is a reference guide that outlines the basic requirements in place when dealing with an international data breach so that you can know what immediate steps to take and what questions you need to ask to minimize your company’s exposure.
BakerHostetler’s International Compendium of Data Privacy Laws is now accessible.
Read more on Data Privacy Monitor.
Very many thanks as usual for your highly informative contents. However, the compendium you linked to is unfortunately inaccurate as regards Italian law. There is, in particular, an obligation to notify personal data breaches applying to “providers of electronic communications services”; notification is to the DPA and, under certain circumstances, to subscribers and users. Actually all EU MS have the same rule in place as it stems from a 2009/136 directive that amended the e-privacy directive of 2002. Let me also point out that the text of the Italian code (consolidated statute of DP legislation) is available at http://www.garanteprivacy.it, whilst http://www.privacy.it is a privately-owned and -managed website that has no official relevance.
Thanks so much, Antonio. I try to share resources, but am usually in no position to verify or warranty their accuracy. Having readers who can add to our knowledge is so helpful.