Incident response: add GDPR 72h notification requirement

Nina Seidel 2026-04-28 14:00:00 +00:00
parent 6c35b9ece3
commit 06d4787d9a

@ -26,3 +26,9 @@
- SOC hotline: +49 69 123 456 (24/7)
- CISO: direct mobile (see 1Password "emergency contacts")
- Legal: legal@nexus.local
## Regulatory notification requirements
For incidents involving personal data, the supervisory authority (BfDI) must be notified
within **72 hours** if the breach is likely to result in a risk to individuals.
Contact DPO immediately upon any P1 involving customer data.
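
Review bot: The added sentence "within **72 hours**" does not say when the clock starts; GDPR Art. 33(1) counts from the moment the controller becomes aware of the breach, so state that and have the responder record that timestamp in the incident ticket. The condition also reads the wrong way round compared with Art. 33(1): notification is the default unless the breach is unlikely to result in a risk, whereas "if the breach is likely to result in a risk" makes not notifying the default. In the last added line, "Contact DPO immediately" gives no channel, unlike the SOC, CISO and Legal entries above it, and limiting it to "any P1 involving customer data" leaves out personal data of other people (for example employees) that the first added sentence covers.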