<div>
I am not an attorney and not providing any legal advise. <br />
<br />
The data protection officer. &nbsp;This role would fall under the cio or cto. &nbsp;See articles 33, 35 and 55 of the dgpr. &nbsp;<br />
<br />
<a href="https://en.m.wikipedia.org/wiki/General_Data_Protection_Regulation" rel="ugc">https://en.m.wikipedia.org/wiki/General_Data_Protection_Regulation</a><br />
<a href="http://www.privacy-regulation.eu/en/" rel="ugc">http://www.privacy-regulation.eu/en/</a><br />
<a href="https://www.itgovernance.co.uk/blog/how-to-write-a-gdpr-compliant-personal-data-breach-notification-procedure/" rel="ugc">https://www.itgovernance.co.uk/blog/how-to-write-a-gdpr-compliant-personal-data-breach-notification-procedure/</a>
</div>


I am not an attorney and not providing any legal advise.

The data protection officer.  This role would fall under the cio or cto.  See articles 33, 35 and 55 of the dgpr.  

https://en.m.wikipedia.org/wiki/General_Data_Protection_Regulation [https://en.m.wikipedia.org/wiki/General_Data_Protection_Regulation]
http://www.privacy-regulation.eu/en/ [http://www.privacy-regulation.eu/en/]
https://www.itgovernance.co.uk/blog/how-to-write-a-gdpr-compliant-personal-data-breach-notification-procedure/ [https://www.itgovernance.co.uk/blog/how-to-write-a-gdpr-compliant-personal-data-breach-notification-procedure/]

<div>
<div class="content wysiwyg-content">
While my current org does not fall under the GDPR umbrella, who knows in the future...I know the policy requires a breach notification within 72 hours but I'm not clear who should be notified within this period of time. <br />
<br />
Thank you for your help!
</div>
</div>


While my current org does not fall under the GDPR umbrella, who knows in the future...I know the policy requires a breach notification within 72 hours but I'm not clear who should be notified within this period of time. 

Thank you for your help!

Breach notification

Gdpr

data protection

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.