Austria

The EU GDPR, which will apply by 25 May 2018 establishes a new set of data protection provisions applicable across European Union, thus also in Austria. The Austrian harmonization and implementation law is already implemented. Following obligations regarding IT-Security will apply starting from 25 May 2018:
• Setting up technical and organizational standards to ensure data security;
• Notification of breaches to the supervisory authority and the affected person;
• Data protection impact assessment in the event of a high risk to the rights and freedoms of natural persons through data processing;
• Appointment of a data protection officer.