Chambers & Partners.

Our firm has prepared the Hungarian chapter of the Chambers Privacy Guide, where, after describing the general data protection situation, we have had the opportunity to discuss a timely topic. The author, Endre Várady, explored the topic of data breach in the Chambers Privacy pages. He did so because in Hungary the issue of data breach management has recently become a major focus of the NAIH.

Managing a data breach is like fighting a fire. If a security breach involving personal data occurs, it is worth getting out the fire extinguisher immediately. Discover exactly what happened, and if there is even a small risk, document it. You should also document what you have done and what you will do to mitigate the risks and prevent a similar incident from happening again. As a general rule, the incident should be reported to the NAIH within 72 hours, and if a high risk is likely, the affected parties should also be informed. It is important that everything is done in a comprehensive manner in order to stand the test of a possible NAIH investigation.