In recent years there have been countless country-specific data protection laws and regulations enacted that dictate requirements for handling potential data breach response and notification. This panel will lead a dialogue on how companies are managing often differing and competing notification requirements, particularly as related to notice timing and the definition of a breach in various jurisdictions. In order to determine when an incident rises to the level of a legally defined breach, companies face numerous questions regarding the type of data involved, the security surrounding the system involved, and how the data may or may not have been accessed or further used. The panel will also address the current state and potential future state of data breach notification in the APAC region, discussing enforcement trends and regulatory collaboration across jurisdictions.