3 Steps to Stay Calm After A Data Breach

According to government data, 46 per cent of all UK organisations experienced at least one cyber-security breach or attack in 2017. Under the General Data Protection Regulation (GDPR), which came into play this year, your organisation is required to report certain types of personal data breaches to the relevant supervisory authority within 72 hours. Failure to report a breach could result in a fine of up to 12 million (8,803,843 GBP) or 2 per cent of your annual turnover, whichever is higher.

With such heavy penalties, it’s essential that you follow these three steps to protect your organisation:

1. Contact the relevant authorities and inform them of a breach within 72 hours.

2. Directly contact any individuals affected by a breach if it is likely to result in a high risk to their rights and freedoms. (Note: The Information Commissioner’s Office defines a high risk as ‘the threshold for notifying individuals is greater than notifying the relevant supervisory authority’.)

3. Finally, complete a breach notification containing the following information:

· The categories and number of people affected by the breach

· The categories and number of personal data records affected by the breach

· The name and contact details of the data protection officer or an additional contact who can offer more information

· A detailed description of the breach’s potential consequences

· A detailed description of what measures your organisation has taken or will take to address the data breach

· A detailed description of the measures your organisation has taken or will take to prevent any possible adverse effects to either itself or the individuals affected.

To protect your business with cyber insurance, contact Cyberguru today. We provide Cyber Liability insurance to meet your needs. Get a free business cyber insurance quote here. 

9 Albany Park, Cabot Lane, Poole, Dorset, BH17 7BX
t. +44 (0)330 1240730

© Insync Insurance Solutions Ltd 2016 All rights reserved. Cyberguru is a trading style of Insync Insurance Solutions Ltd which is authorised & regulated by the Financial Conduct Authority. Our registered office is Midland House, 2 Poole Road, Bournemouth, Dorset BH2 5QY and we are registered in England under company number 08810662. Should you have cause to complain, and you are not satisfied with our response to your complaint, you may be able to refer it to the Financial Ombudsman Service, which can be contacted as follows: The Financial Ombudsman Service Exchange Tower, London, E14 9SR | Tel: 0800 023 4567 or 0300 123 9 123 | www.financial-ombudsman.org.uk | Terms of Business