You have procedures in place to make sure that you detect, manage and appropriately record personal data incidents and breaches.
Ways to meet our expectations:
- You have appropriate training in place so that staff are able to recognise a security incident and a personal data breach.
- A dedicated person or team manages security incidents and personal data breaches.
- Staff know how to escalate a security incident promptly to the appropriate person or team to determine whether a breach has occurred.
- Procedures and systems facilitate the reporting of security incidents and breaches.
- Your organisation has a response plan for promptly addressing any security incidents and personal data breaches that occur.
- You centrally log/record/document both actual breaches and near misses (even if they do not need to be reported to the ICO or individuals).
- The log documents the facts relating to the near miss or breach, including:
  - its causes;
  - what happened;
  - the personal data affected;
  - the effects of the breach; and
  - any remedial action taken and the rationale for it.
Can you answer yes to the following questions?
- Could staff explain what constitutes a personal data breach?
- Do they know how to report incidents?
- Would a sample of how you manage incidents demonstrate adherence to the policy and procedures?