ABSTRACT
Organizations will need to assess the categories of personal data that may be involved in a data breach. They also need to assess the type of organization or sector that they are involved in. These factors may dictate how the data protection regime imposes time limits for respective notication of breaches.
