SOAR Breach Response add-on updates V1.10.18

The SOAR Breach Response add-on (also known as Privacy Solution) includes updated regulators and a new regulator in this release.

We always appreciate feedback on current legislation and guidance whether it appears in our product or not. Contact your Customer Relationship Manager if you have any questions about these updates or suggestions for future updates. You can also use the IBM Community to see how your peers are using the Privacy solution to simplify the complex world of information security.

The following regulators were updated in this release.
Regulator Description

South Korea

Updated the Resource Library. Specifically, updated the Enforcement Decree to PIPA (No.33727). Changed the timeframe of “Notify Affected Individuals (South Korea)” and “Notify the Supervisory Authorities (South Korea)” tasks from 5 days to 72 hours. Removed “Provide Public Notification of the Breach (South Korea)” task. Updated the language of “Notify Affected Individuals (South Korea)” and “Notify the Supervisory Authorities (South Korea)” tasks. Specifically, updated the notification timeframe and added required notice content, substitute notice, permitted delay, and exemption of notification.

Australia

Updated the Resource Library. Specifically, added the OAIC guidance. Unified the timeframe of “Notify the OAIC (Australia)” and “Notify Affected Individuals (Australia)” tasks as 15 days. Updated the language of “Notify the OAIC (Australia)” and “Notify Affected Individuals (Australia)” tasks. Specifically, added the deadline and criteria for assessing eligible data breaches and the link to NDB scheme, and updated the link to online reporting form.