GDPR · Chapter IV — Controller and processor
Art. 33 Notification of a personal data breach to the supervisory authority
Notify the supervisory authority of a personal data breach without undue delay and, where feasible, within 72 hours.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- DORARelatedCuratedArt. 17 ICT-related incident management process
Incident response & breach notification
- DORARelatedCuratedArt. 19 Reporting of major ICT-related incidents
Incident response & breach notification
- GLBARelatedCurated§314.4(h) Incident response plan
Incident response & breach notification
- HIPAARelatedCurated§164.308(a)(6) Security incident procedures
Incident response & breach notification
- HIPAARelatedCurated§164.404 Notification to individuals
Incident response & breach notification
- LGPDRelatedCuratedArt. 48 Communication of a security incident
Incident response & breach notification
- NIS2RelatedCuratedArt. 21(2)(b) Incident handling
Incident response & breach notification
- NIS2RelatedCuratedArt. 23 Reporting obligations
Incident response & breach notification
- NIST 800-171RelatedCurated3.6.1 Establish an incident-handling capability
Incident response & breach notification
- NIST 800-53RelatedCuratedIR-4 Incident handling
Incident response & breach notification