{"id":911381,"url":"http://info.mzalendo.com/api/v0.1/hansard/entries/911381/?format=json","text_counter":321,"type":"speech","speaker_name":"Sen. Halake","speaker_title":"","speaker":{"id":13184,"legal_name":"Abshiro Soka Halake","slug":"abshiro-soka-halake"},"content":"(c) by inserting the following new sub -clauses immediately after the new sub-clause (1) – (2) The notification under subsection (1)(a) shall set out sufficient information to enable the data subject to take protective measures against potential consequences of the data breach, including — (a) description of the nature of the breach; (b) description of the likely consequences of the breach; (c) description of the measures that the data controller or data processor intends to take or has taken to address the breach; (d) recommendation on the measures to be taken by the data subject to mitigate the adverse effects of the breach; and (e) where possible, the identity of the person who may have accessed or processed the personal data. (3) A data controller or data processor may delay notification to the data subject under subsection (1) (a) for the purpose of preventing, detecting or investigating a crime by the relevant public entity. (4) Where a data processor becomes aware of a personal data breach, the data processor shall notify the data controller within forty-eight hours of becoming aware of such breach."}