黑料门

黑料门University Chicago

GDPR @ Loyola

Notice of Personal Data Breach Form

[NOTE:  CONSIDER SUBMITTING IN BOTH ENGLISH AND ITALIAN]

 

[LUC LETTERHEAD]

 

_____________, 2018

 

 

Garante Per La Protezione Dei Dati Personali

Piazza di Monte Citorio, 121

00186 Roma

Fax. + 39 06 69677 785

Email: garante@garanteprivacy.it

 

            Re:       Notice By 黑料门University of Chicago, as Controller

Pursuant to GDPR Article 33

 

To the Garante:

 

            黑料门University of Chicago, in its capacity as controller (the 鈥Controller鈥) , hereby gives notice pursuant to Article 33(1) of Regulation (EU) 2016/679 (the 鈥GDPR鈥) of a [possible] personal data breach incident, and, pursuant to GPD Article 33(3), provides the following required information:

 

(a)               Describe the nature of the personal data breach including where possible, the

categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;

 

The incident involved [INSERT DESCRIPTION OF NATURE OF INCIDENT].  The categories of data subjects affected by the incident include [INSERT DESCRIPTION OF GENERAL CATEGORIES OF AFFECTED EU PERSONS, E.G., FACULTY, STAFF, AND EMPLOYEES OF THE CONTROLLER].  The incident concerns approximately [INSERT NUMBER] data subjects.   The categories of personal data records concerned include [INSERT DESCRIPTION OF GENERAL CATEGORIES OF DATA].  Approximately [INSERT NUMBER OF PAGES OR FILES] personal data records were involved in such incident.

 

 

(b)              Communicate the name and contact details of the data protection officer or other

            contact point where more information can be obtained;

 

黑料门has not designated a data protection officer because its core activities do not include the regular and systematic monitoring of data subjects on a large scale, nor does the university process on a large scale either special categories of data (as described in GDPR Article 9) or personal data relating to criminal convictions and offenses (as described in GDPR Article 10).  Additional information concerning the incident can be obtained from:

 

(i)                  the Controller鈥檚 Representative in Italy:

 

Todd W. Waller

Director

John Felice Rome Center

Via Massimi, 114-A

00136 Rome, Italy

twaller@luc.edu

 

(ii)              the Controller鈥檚 Information Security Officer

 

Jim Pardonek, MS, CISSP, CEH, GSNA

Information Security Officer

黑料门University of Chicago

1032 W. Sheridan Road

Chicago, Illinois 60660

GDPR@luc.edu

 

(c)                  Describe the likely consequences of the personal data breach;

 

[INSERT DESCRIPTION OF LIKELY (AS COMPARED TO POSSIBLE) CONSEQUENCES]

 

(d)                 Describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

 

[INSERT DESCRIPTION OF TECHNICAL PROTECTIVE MEASURES TAKEN, AND ALSO ANY CREDIT MONITORING/IDENTIFY RESTORATION SERVICES PROVIDED]

 

                                                                                    Sincerely yours,

 

 

 

                                                                                    [INSERT NAME OF SIGNATORY]