Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Bosnia & Herzegovina: AZLP recommends organisations to notify data breaches

The Agency for Personal Data Protection in Bosnia and Herzegovina ('AZLP') published, on 18 August 2022, its opinion, as issued on 8 February 2022, in which it responded to queries from an organisation that had suffered from a cybersecurity incident. In particular, the AZLP took the view that the Law on the Protection of Personal Data No. 49/06 ('PDPL') should be harmonised with the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). Therefore, while there is no explicit obligation to notify the AZLP of data breaches under the Law, the AZLP confirmed that it is nevertheless recommended for organisations in Bosnia and Herzegovina to apply Articles 33 and 34 of the GDPR. Finally, the AZLP indicated that it supports controllers in implementing measures to comply with the GDPR, including the appointment of data protection officers ('DPOs'), adding that such activities should be consulted with the AZLP.

You can download the opinion, only available in Bosnian, here.