Personal Data breach notification

According to point 90 of the Government Decision no. 112 of 14.12.2010 on the Approval of the Requirements for ensuring the security of personal data when processing them within the personal data information systems –  the controllers shall submit annually, by January 31, to the Center the generalized report on security incidents of personal data information systems. Based on this report, the Center takes the measures required by the Law on personal data protection.

The report is presented in free form via “Post of Moldova” (with signature and stamp) to the address of the NCPDP: MD – 2004, Republic of Moldova, Chisinau municipality, Serghei Lazo street, 48.

The report shall mention the following issues:

1. Date and time of the incident (if known, if necessary, an estimate can also be made) and when the incident was detected;

2. Categories and content of the personal data concerned;

3. Number of natural persons concerned;

4. A description of the circumstances of the incident that led to the personal data breach (ex. loss, theft, copying), including the physical location of the breach and the storage media involved;

5. Possible consequences and adverse effects for the natural persons concerned;

6. Technical and organizational measures taken by the supplier in order to mitigate any adverse effects.

For any additional information, feel free to contact the Prevention, Surveillance and Evidence Department – on the telephone number 022 – 811 801.