Handling data breaches under the GDPR
Intro
Understand the concept and the importance of timely and properly detecting and handling personal data breaches.
Have knowledge of the obligations deriving from the GDPR regarding data breaches towards the competent supervisory authority and the affected individuals as well as internally in the SME.
Understand the steps involved in the incident handling procedure taking into account the time framework set by the GDPR
Key Messages
Establish clear procedures and plans for the detection and handling of personal data breaches.
Raise staff awareness and provide regular training on data breach detection and management procedures.
Establish clear procedures for the reporting of data breach incidents to the persons or team responsible for investigation and handling.
Keep an up-to-date internal register of personal data breaches recording all evidence proving compliance.