Data Security: Managing Security Incidents

Overview

An organisation, on a continuous basis, is to monitor the security of personal data and to respond in case of any breach. This Practice Note will provide an overview of how an organisation can actively monitor security risks and respond to data breaches and how it can ensure the ongoing protection for the personal data it holds.

Definitions

  • Applicable law: All applicable laws, statutes, codes, ordinances, decrees, rules, regulations, municipal by-laws, judgments, orders, decisions, rulings or awards of any government, quasi-government, statutory or regulatory bodies, ministries, government agencies or departments, courts, agencies or associations of a competent jurisdiction.

  • Controller: Any person who alone or jointly with others, determines the purposes and means of the processing of personal data.

  • Data subject: The identified or identifiable natural person to whom personal data relates to.

  • Commissioner: The person appointed by the President pursuant to article 43(1) of DIFC Law No. 5/2020 to administer the law.

  • Court: The DIFC Court as established under Dubai laws.

  • Controller: Any person who alone or jointly with others, determines the purposes and means of the processing of personal data.

  • DIFC: Dubai International Financial Centre.