On June 19, the Spanish DPA published the guidelines for managing security breaches and providing notification in compliance with the GDPR (source document in Spanish). The document addresses detection and identification of security breaches, steps to respond to the breach, and notifications to supervisory authorities. This guide applies to small, medium, and large Spanish businesses, as well as to data controllers of public administrations involved in the tasks of managing security breaches.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.