Mishcon de Reya page structure
Site header
Main menu
Main content section

UK GDPR

The UK General Data Protection Regulation

Recital 86 UK GDPR

The controller should communicate to the data subject a personal data breach, without undue delay, where that personal data breach is likely to result in a high risk to the rights and freedoms of the natural person in order to allow him or her to take the necessary precautions. The communication should describe the nature of the personal data breach as well as recommendations for the natural person concerned to mitigate potential adverse effects. Such communications to data subjects should be made as soon as reasonably feasible and in close cooperation with the supervisory authority, respecting guidance provided by it or by other relevant authorities such as law-enforcement authorities. For example, the need to mitigate an immediate risk of damage would call for prompt communication with data subjects whereas the need to implement appropriate measures against continuing or similar personal data breaches may justify more time for communication.

Dynamic Data Compliance

Complying with the evolving data regulation landscape can be a daunting task, and an expensive one for those who can't justify a dedicated Data Protection Officer. Learn more about our Hub Plus offering here. 

Find out more