Source: OJ L, 2024/2690, 18.10.2024
EN- High common level of cybersecurity for entities
Implementing acts
- Cybersecurity measures and significant incidents for relevant entities
Article 8 Significant incidents with regard to data centre service providers
With regard to data centre service means a service that encompasses structures, or groups of structures, dedicated to the centralised accommodation, interconnection and operation of IT and network equipment providing data storage, processing and transport services together with all the facilities and infrastructures for power distribution and environmental control; providers, an incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; shall be considered significant under Article 3(1)(g) where it fulfils one or more of the following criteria:
a data centre service means a service that encompasses structures, or groups of structures, dedicated to the centralised accommodation, interconnection and operation of IT and network equipment providing data storage, processing and transport services together with all the facilities and infrastructures for power distribution and environmental control; of a data centre operated by the provider is completely unavailable;
the availability of a data centre service means a service that encompasses structures, or groups of structures, dedicated to the centralised accommodation, interconnection and operation of IT and network equipment providing data storage, processing and transport services together with all the facilities and infrastructures for power distribution and environmental control; of a data centre operated by the provider is limited for a duration of more than one hour;
the integrity, confidentiality or authenticity of stored, transmitted or processed data related to the provision of a data centre service means a service that encompasses structures, or groups of structures, dedicated to the centralised accommodation, interconnection and operation of IT and network equipment providing data storage, processing and transport services together with all the facilities and infrastructures for power distribution and environmental control; is compromised as a result of a suspectedly malicious action;
physical access to a data centre operated by the provider is compromised.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.