Aims
To protect the rights and freedoms of natural persons, as well as their personal data, CPL Concordia Soc. Coop. has drawn up a Data Breach Policy to deal with the potential personal data breaches as effectively as possible.
A personal data breach is defined as the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.
Possible causes of a breach
The causes that can lead to such situations can be:
- Wilful misconduct or negligence
- Unforeseen circumstances such as fire, flood, earthquake, etc.
- Hacking attacks
- Failure of planned mitigation measures
- “Blagging” offences where information is obtained by deceiving the organisation holding it.
Possible consequences of a breach
The main risks to the rights and freedoms of individuals following a data breach are:
- Physical, material or immaterial damage to individuals;
- Loss of control over the data of the Data Subjects;
- Limitations of rights/discrimination;
- Theft or misuse of identity;
- Financial loss/economic or social or reputational damage (for both the Data Subject and the Data Controller);
- Unauthorised decryption of pseudonymisation;
- Loss of confidentiality of personal data protected by professional secrecy (medical, judicial information);
- Unauthorised use of personal data.