Breach Notification
Legal
A statutory or contractual obligation to inform affected individuals, regulators, or business partners about a security incident involving personal data within a defined window. Timelines and triggers vary: GDPR is 72 hours to the supervisory authority, HIPAA is 60 days, and U.S. state laws range from “without unreasonable delay” to specific day counts.