June 9, 2019

How to deal with a data breach

The chances are that up to 9 in every 10 businesses will have a data breach in the next 12 months. Given it’s not if but when, how will you deal with your data breach?

What is a data breach under GDPR?

According to the ICO, a data breach is ‘a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data’.

The ICO figures show that 5 in every 6 data breaches are caused by human error with the other one being a cyber security breach.

Chances of a data breach

In a recent mini survey we ran, over 80% of respondents said a data breach was their biggest worry and their concern is well placed. In the first nine months after GDPR came into force, over 10,000 breaches were notified to the ICO - that's over 50 every working day!
A Data Privacy Benchmark Study carried out by Cisco earlier this year estimates that even in ‘GDPR ready’ businesses, the chance of having a data breach in the next 12 months is 74%. For less-prepared companies that increases to 89%. If between 7 and 9 in every 10 businesses are likely to have a data breach in the next year, you will be lucky to get through the period without one!

Responding to a data breach

You can greatly minimise the chance of a data breach by carrying out a comprehensive data protection impact assessment for all the personal data you handle and training staff on their responsibilities. But there are four vital things to remember if you do experience a breach:

  1. Act quickly. Your company is responsible for putting everything right, so act quickly to identify and stop the breach and limit the damage the breach causes.

  2. Identify the impact. Assess the impact of the data breach and notify those whose personal data is compromised. Is the data breach serious enough to report to the ICO? If so, you must report it within 72 hours of discovering the breach.

  3. Prevent a further breach. While you're putting things right from the breach, work out what you can do to prevent it happening again.

  4. Keep a breach record. Keep a log of how you dealt with the data breach and how you'll prevent them in future. If the ICO are involved, they will want to see a healthy and realistic approach to managing all data breaches.

Guidance on handling data breaches

Astrid’s online platform helps you define your breach identifying and reporting process and includes a breach handbook to help you manage and track breach incidents as they develop. Subscribe today to access all the tools and guidance small businesses need to become and remain compliant with GDPR.


Emma Oram