What is a data breach?
A data breach is “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of a public electronic communications service”, according to the Information Commissioners Office.
Reporting data protection breaches
As a company, you are obliged to report a data breach to authorities within 72 hours of the security breach. If the breach has any affect on an individual’s rights or personal information, such as exposure of customer or client data, you must inform those affected without delay.
Failure to do report so can carry heavy penalties and a data breach can result in large fines of up to 4% annual global turnover or 20 million EUROS.
Data breach assessments
If you experience a data breach, then we can help you assess if it needs to be reported to the supervisory authority within the 72 hours. We can also help you draft and make the report and advice on the immediate remedial steps you need to take to mitigate the risks and damages arising from the breach. This includes considering if data subjects need to be informed, advising on the communications and helping you to manage enforcement action and claims for compensation from data subjects.
Not only that, a data breach can cause damage to your organisation’s reputation if the breach includes the personal data of customers and clients.
Why use BM Data Services?
Prevention is better than cure - does your business have correct systems in place to manage security and report breach ? We can help you with the policies and procedures you need and training of staff, as they are crucial to reducing the risk of breach and the damages that could arise.
BM Data’s team of qualified IT Governance practitioners have a wealth of experience providing swift action when a business has been exposed to a data breach. We have experience with dealing with ICO and other supervisory authorities as well as advising businesses on how to manage relationships with key stakeholders, data subjects, enforcement action and claims.
Contact one of our expert teams now to discuss how we can support your business.