{"id":24533,"date":"2021-02-25T09:52:47","date_gmt":"2021-02-25T08:52:47","guid":{"rendered":"https:\/\/www.delucapartners.it\/news\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/"},"modified":"2026-03-31T16:12:40","modified_gmt":"2026-03-31T14:12:40","slug":"data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches","status":"publish","type":"post","link":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/","title":{"rendered":"Data Breach: The European Data Protection Authority Guidelines for handling data breaches."},"content":{"rendered":"\n<p>The Italian Data Protection Authority, with the newsletter 472 of 25 January 2021, announced that on 14 January, the EDPB <em>(\u201cEuropean Data Protection Board\u201d) adopted new Guidelines (\u201cGuidelines 01\/2021 on Examples regarding Data Breach Notification\u201d, the \u201c<strong>Guidelines<\/strong>\u201d)<\/em> aimed at supporting companies and public administration in correctly addressing data breaches and defining risk management processes.<\/p>\n\n\n\n<p>The document adds to the previous guidelines of Working Party 29 <em>(\u201cGuidelines on Personal data breach notification under Regulation 2016\/679\u201d) <\/em>which include a technical-theoretical analysis of what is prescribed by Regulation (EU) 2016\/679<em> (the \u201cRegulation\u201d) about personal data breaches (or \u201c<strong>Data Breach<\/strong>\u201d).<\/em><\/p>\n\n\n\n<p>Considering information security principles, recalling <em>&#8220;Opinion 3\/2014&#8221;<\/em> and <em>&#8220;Guidelines WP 250&#8221;,<\/em> the EDPB provides a classification of the types of breaches, namely:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><em>\u201cconfidentiality breaches\u201d<\/em> &#8211; occur when there is an unauthorised disclosure of or access to personal 
data;<\/li>\n\n\n\n<li><em>\u201cintegrity breaches\u201d<\/em> &#8211; occur when there is an unauthorised or accidental alteration of personal data;<\/li>\n\n\n\n<li><em>\u201cavailability breaches\u201d<\/em> &#8211; occur when there is an accidental or unauthorised loss of access to, or destruction of, personal data.<\/li>\n<\/ul>\n\n\n\n<p>Aiming to provide useful guidance to data controllers and data processors on how to handle a personal data breach correctly, the Guidelines illustrate what to avoid (e.g. failure to encrypt data). They also contain numerous practical case studies involving hospitals, banks, businesses and online service companies of various kinds in different European countries.<\/p>\n\n\n\n<p>These case studies describe the preventive measures that can be taken and suggest how to carry out a breach risk assessment, the potential measures that can be taken to reduce the risks, and the legal obligations that must be met.<\/p>\n\n\n\n<p>The EDPB launched a European public consultation on the document that will end on 2 March 2021.<\/p>\n\n\n\n<p><strong>Other related insights:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.delucapartners.it\/en\/insights\/the-form-for-notifying-the-data-breach-is-ready\/\">The form for notifying the Data Breach is ready<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The Italian Data Protection Authority, with the newsletter 472 of 25 January 2021, announced that on 14 January, the EDPB (\u201cEuropean Data Protection Board\u201d) adopted new Guidelines (\u201cGuidelines 01\/2021 on Examples regarding Data Breach Notification\u201d, the \u201cGuidelines\u201d) aimed at supporting companies and public administration in correctly addressing data breaches and defining risk management processes. 
The [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[177,190,203],"tags":[1433,1144,1071],"class_list":{"0":"post-24533","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"hentry","6":"category-insights","8":"category-practice","9":"tag-autorita-garante-en","10":"tag-data-breach-en","11":"tag-edpb-en"},"acf":[],"yoast_head_json":{"title":"Data Breach: The European Data Protection Authority Guidelines for handling data breaches. - De Luca &amp; Partners","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/posts\/24533\/","og_locale":"en_US","og_type":"article","og_title":"Data Breach: The European Data Protection Authority Guidelines for handling data breaches. - De Luca &amp; Partners","og_description":"The Italian Data Protection Authority, with the newsletter 472 of 25 January 2021, announced that on 14 January, the EDPB (\u201cEuropean Data Protection Board\u201d) adopted new Guidelines (\u201cGuidelines 01\/2021 on Examples regarding Data Breach Notification\u201d, the \u201cGuidelines\u201d) aimed at supporting companies and public administration in correctly addressing data breaches and defining risk management processes. The [&hellip;]","og_url":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/","og_site_name":"De Luca &amp; Partners","article_published_time":"2021-02-25T08:52:47+00:00","article_modified_time":"2026-03-31T14:12:40+00:00","author":"Melismelis","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Melismelis","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/#article","isPartOf":{"@id":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/"},"author":{"name":"Melismelis","@id":"https:\/\/www.delucapartners.it\/en\/#\/schema\/person\/00d0832a12e3889dce887a31e29d65f8"},"headline":"Data Breach: The European Data Protection Authority Guidelines for handling data breaches.","datePublished":"2021-02-25T08:52:47+00:00","dateModified":"2026-03-31T14:12:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/"},"wordCount":288,"publisher":{"@id":"https:\/\/www.delucapartners.it\/en\/#organization"},"keywords":["Autorit\u00e0 Garante","Data Breach","EDPB"],"articleSection":["Insights","Insights","Practice"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/","url":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/","name":"Data Breach: The European Data Protection Authority Guidelines for handling data breaches. 
- De Luca &amp; Partners","isPartOf":{"@id":"https:\/\/www.delucapartners.it\/en\/#website"},"datePublished":"2021-02-25T08:52:47+00:00","dateModified":"2026-03-31T14:12:40+00:00","breadcrumb":{"@id":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.delucapartners.it\/en\/insights\/data-breach-the-european-data-protection-authority-guidelines-for-handling-data-breaches\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.delucapartners.it\/en\/"},{"@type":"ListItem","position":2,"name":"Data Breach: The European Data Protection Authority Guidelines for handling data breaches."}]},{"@type":"WebSite","@id":"https:\/\/www.delucapartners.it\/en\/#website","url":"https:\/\/www.delucapartners.it\/en\/","name":"De Luca & Partners","description":"","publisher":{"@id":"https:\/\/www.delucapartners.it\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.delucapartners.it\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.delucapartners.it\/en\/#organization","name":"De Luca & 
Partners","url":"https:\/\/www.delucapartners.it\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.delucapartners.it\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.delucapartners.it\/wp-content\/uploads\/2026\/01\/De-Luca-Partners.png","contentUrl":"https:\/\/www.delucapartners.it\/wp-content\/uploads\/2026\/01\/De-Luca-Partners.png","width":600,"height":56,"caption":"De Luca & Partners"},"image":{"@id":"https:\/\/www.delucapartners.it\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.delucapartners.it\/en\/#\/schema\/person\/00d0832a12e3889dce887a31e29d65f8","name":"Melismelis","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/abc81b0c708aea145c773c368ae5bc3f1f3fd0d40a61429cb96d09523d41ab66?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/abc81b0c708aea145c773c368ae5bc3f1f3fd0d40a61429cb96d09523d41ab66?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/abc81b0c708aea145c773c368ae5bc3f1f3fd0d40a61429cb96d09523d41ab66?s=96&d=mm&r=g","caption":"Melismelis"},"sameAs":["https:\/\/www.delucapartners.it"]}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/posts\/24533","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/comments?post=24533"}],"version-history":[{"count":3,"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/posts\/24533\/revisions"}],"predecessor-version":[{"id":30764,"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/posts\/24533\/revisions\/30764"}],"wp:attachment":[{"href":"https:\/\/www.delucapartners.it\/
en\/wp-json\/wp\/v2\/media?parent=24533"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/categories?post=24533"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.delucapartners.it\/en\/wp-json\/wp\/v2\/tags?post=24533"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}