Privacy updates in IBM Security QRadar SOAR Platform 51.0.0.0

The privacy solution is reviewed for each IBM Security QRadar SOAR Platform release. Review the privacy updates that were made in SOAR Platform 51.0.0.0.

The following regulators were updated in this release.

Regulator	Description
South Korea	Updated the Resource Library. Specifically, updated the Enforcement Decree to PIPA (No.33727). Changed the timeframe of “Notify Affected Individuals (South Korea)” and “Notify the Supervisory Authorities (South Korea)” tasks from 5 days to 72 hours. Removed “Provide Public Notification of the Breach (South Korea)” task. Updated the language of “Notify Affected Individuals (South Korea)” and “Notify the Supervisory Authorities (South Korea)” tasks. Specifically, updated the notification timeframe and added required notice content, substitute notice, permitted delay, and exemption of notification.
Australia	Updated the Resource Library. Specifically, added the OAIC guidance. Unified the timeframe of “Notify the OAIC (Australia)” and “Notify Affected Individuals (Australia)” tasks as 15 days. Updated the language of “Notify the OAIC (Australia)” and “Notify Affected Individuals (Australia)” tasks. Specifically, added the deadline and criteria for assessing eligible data breaches and the link to NDB scheme, and updated the link to online reporting form.

Regulator

Description

South Korea

Updated the Resource Library. Specifically, updated the Enforcement Decree to PIPA (No.33727). Changed the timeframe of “Notify Affected Individuals (South Korea)” and “Notify the Supervisory Authorities (South Korea)” tasks from 5 days to 72 hours. Removed “Provide Public Notification of the Breach (South Korea)” task. Updated the language of “Notify Affected Individuals (South Korea)” and “Notify the Supervisory Authorities (South Korea)” tasks. Specifically, updated the notification timeframe and added required notice content, substitute notice, permitted delay, and exemption of notification.

Australia

Updated the Resource Library. Specifically, added the OAIC guidance. Unified the timeframe of “Notify the OAIC (Australia)” and “Notify Affected Individuals (Australia)” tasks as 15 days. Updated the language of “Notify the OAIC (Australia)” and “Notify Affected Individuals (Australia)” tasks. Specifically, added the deadline and criteria for assessing eligible data breaches and the link to NDB scheme, and updated the link to online reporting form.

We appreciate feedback on current legislation and guidance, whether it appears in our product or not. If you have any questions about the following updates or suggestions for future updates, contact your Customer Relationship Manager.

To learn more about how your peers are taking full advantage of the SOAR Platform, see the IBM Security QRadar SOAR Community.