Responding to a personal data breach

Posted on 15th July 2024 by Streets Business Support


Image to represent Responding to a personal data breach

The Information Commissioner’s Office has a simple guide that explains what you need to do in the 72 hours following a data breach.

The seven step approach advocated is set out below:

Step one: Don’t panic

It’s understandable if you’re concerned about what happens next. But we’re here to help you understand what happened and to prevent it happening again.

Step two: Start the timer

By law, you've got to report a personal data breach to the ICO without undue delay (if it meets the threshold for reporting) and within 72 hours.

Step three: Find out what’s happened

Pull the facts together as quickly as possible.

Step four: Try to contain the breach

Your priority is to establish what has happened to the personal data affected. If you can recover the data, do so immediately. Also, you should do whatever you can to protect those who will be most impacted.

Step five: Assess the risk

You should now assess what you feel the risk of harm is to those affected, whether that’s your customers, members or service users.

Step six: If necessary, act to protect those affected

If possible, you should give specific and clear advice to people on the steps they can take to protect themselves, and what you’re willing to do to help them. If you don’t think there’s a high risk to the people involved, you don’t have to let them know about the incident.

Step seven: Submit your report (if needed)

If the breach is reportable, you can report it online.

The ICO have a help line you could call, 0303 123 1113, or view online advice at https://ico.org.uk/for-organisations/advice-for-small-organisations/72-hours-how-to-respond-to-a-personal-data-breach/.


No Advice

The content produced and presented by Streets is for general guidance and informational purposes only. It should not be construed as legal, tax, investment, financial or other advice. Furthermore, it should not be considered a recommendation or an offer to sell, or a solicitation of any offer to buy any securities or other form of financial asset. The information provided by Streets is of a general nature and is not specific for any individual or entity. Appropriate and tailored advice or independent research should be obtained before making any such decisions. Streets does not accept any liability for any loss or damage which is incurred from you acting or not acting as a result of obtaining Streets' visual or audible content.

Information

The content used by Streets has been obtained from or is based on sources that we believe to be accurate and reliable. Although reasonable care has been taken in gathering the necessary information, we cannot guarantee the accuracy or completeness of any information we publish and we accept no liability for any errors or omissions in material. You should always seek specific advice prior to making any investment, legal or tax decisions.


Expert insight and news straight
to your inbox

Related Articles


R&D receives a welcome boost in the Budget

As part of the October Budget the Chancellor announced the highest ever level of government investment of £20.4 billion in research and development for next year, reinforcing the government’s commitment to back the UK’s R&D ecosystem to drive


Keeping an eye on competitors

Keeping an eye on competitors offers crucial advantages, especially in a dynamic market. Here’s why it pays off: Improving Market Positioning By observing competitor pricing, branding, and marketing strategies, you can position yourself better in


Managing business cashflow

Cash Flow Forecasting Creating a cash flow forecast helps you predict your inflows and outflows, allowing you to anticipate any cash shortages. Update it regularly, be conservative in estimates, and account for any seasonal trends. A well-maintained

You might also be interested in...