Get Free Downloads
Start your GDPR today in just a few clicks
Get Free Downloads
Start your GDPR today in just a few clicks

Data Breach? Don’t Panic!

by Adam Brogden
in Blog

26-Nov-2018 09:34

The ICO has just released information on how to handle a breach. You really do need to read this!

In summary, recognising that a breach may have occurred is the first step. As part of your GDPR you should have completed a data discovery and process analysis so you should be able to identify which data subjects and what data are at risk. You should also have a Breach process.

If you have not completed these tasks then do them now! These tasks might seem tedious but they are absolutely vital. Without completing a data discovery you will not be able to respond to SARs, requests or breaches.

OK, now back to the breach policy. The ICO defines 4 key steps:

  • Containing the breach and recovering from the impact

  • Assessing the risk

  • Deciding who you need to inform

  • Learning from the incident

In addition, they recommend nominating a lead person to progress the breach resolution. This sounds like a good idea. It is likely that many people will be involved so having a key person to coordinate makes sense. Your Optindigo breach policy follows this model and includes a simple flowchart to help you keep on track. It also includes a special task that helps you manage the breach process.

Most importantly, if you experience a data breach, CALL US FIRST! Don’t panic, just give us a call and we will help you understand what you need to do.

For more information on the ICO advice, click here to go to the ICO website.

Good luck all.