This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.
It's crucial to comprehend what constitutes a data breach and how to handle it effectively.
A data breach is defined as any breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
Every employee plays a vital role in promptly addressing and reporting data breaches.
If you become aware of a breach or potential breach of data, notify the designated data protection personnel in your organisation without delay. This enables swift action to mitigate risks.
Organisations must have robust procedures in place to manage and report data breaches effectively.
Notification Timeframe: If a breach poses a risk to data subjects, notify the Information Commissioner's Office (ICO) within 72 hours.
High-Risk Breaches: Individuals affected by high-risk breaches must also be notified within the same timeframe.
Exemptions: Some exemptions apply, such as if the data is rendered unintelligible or if other measures negate the high risk.
An internal breach register should be maintained to document all personal data breaches, including relevant details and actions taken.
This documentation serves to demonstrate compliance to regulatory authorities.
