Republic of North Macedonia: DZLP adopts rulebook on data breach notification
The Directorate for Personal Data Protection ('DZLP') adopted, on 11 May 2020, the rulebook on the manner of reporting for breach of personal data security ('the Rulebook'). In particular, the Rulebook outlines that the notification must be provided by the deadline specified by Article 37(1) of the Law on Personal Data Protection 2020 and must be emailed to the DZLP or sent via the breach notification form available on the website of the DZLP. In addition, the Rulebook highlights that the notification should contain, among other things, a description of the nature of the security breach, categories of the personal data affected, categories of personal data, and the approximate number of affected subjects of the personal data.
You can read the press release here and the Rulebook here, both only available in Macedonian.