01235 838507
Managing a data breach

5 Steps to Managing a Data Breach

A data breach occurs when secure or private information is released without authorisation. Such a breach of confidentiality that presents a risk to an individual’s rights and freedoms has to be notified to the authorities within 72 hours of awareness of the breach.

In this day and age, such security breaches are a constant threat for organisations, and the effects can be catastrophic, with reports of around 60% of small firms going out of business within 6 months of a data breach.

Organisations must implement appropriate measures to avoid such breaches of data, however, if a breach occurs, there are steps you can follow to keep your business safe;

1. Stop the breach

Containing a breach as quickly as possible is critical. Containment does depend on the nature of the attack, but isolating the system that has been breached, in order to prevent further spread, is essential. Determine the cause of the issue and find out what personal information has been compromised.

2. Preserve evidence of the data breach

Understanding how a breach occurred and the damage it caused is the next key element in managing a data breach.

3. Isolate the breach

Ensuring a security infrastructure built up of many layers will allow an easier isolation in the event of an attack. By segmenting business units from the network level, problems can be isolated as they are investigated.

4. Consider public communications and notifications

Once a breach has been found, the evidence preserved and isolated, the next step is to notify authorities, third-party organisations and individuals who may have been affected by the breach. With time restrictions on how long an organisation has to inform the governing regulators, this should be done as soon as possible.

Organisations need to provide information on;

  • The date of the breach
  • What was compromised
  • Further prevention methods being put in place as a result

Explain why the breach took place and describe the solutions

5. Investigate, fix and restore systems

Knowing how your system was breached in the first place is essential in preventing it from happening again. Once the source of a breach is secured, systems can be brought back online. Systems should be tested and re-tested thoroughly in order to identify process gaps and confirm that all sensitive data is secure.

Be secure against data attacks. Our GDPR Toolbox provides a practical set of tools to help manage your data protection challenges. Learn how to manage your personal data, find out what to do when a member of staff leaves an organisation, use our data breach log and forms, manage individual records for Subject Access Requests and use our register to record the controls behind software usage.

Be proactive with your security. Don’t wait until you have to deal with a breach. Have measures in place to stop one ever occurring.

Need help managing your data protection challenges?

If you have experienced a data breach and require immediate expert advice to assess the severity of the breach and determine whether or not you need to report it to the ICO, as well as help with recording the appropriate information and communicating with affected parties, we can help.

Rapid Response

Take a look inside

Take a quick look around the inside of the Databasix Essentials GDPR Toolbox.

Find out more

 

Latest News & Events

My Data Protection Diary (6 TH !)

What a thrill to be here again for the sixth 'My Data Protection Diary', the last for this 2020... now there are very few days left until the end of this year and I am so grateful to have shared with you this series about my profession and my business sector!

In fact, I’m going to take this opportunity to express some of my thoughts on these blank pages, which I am ready to fill with new and interesting topics on data protection.

I selected one of the most engaging and insightful lessons with Kellie, ending the year with sparkling reflections and bombshell information! Clarifying a hot topic in our society: cookies (and I am not talking about biscuits ;))

Read more

Register for News from Databasix

* indicates required



Contact Databasix

Email info@dbxuk.com
Tel 01235 838507

Databasix UK Ltd
is a registered company in England & Wales
Registration No. 08771007

Harwell Innovation Centre
Building 173
Curie Avenue
Harwell Oxford
Didcot
Oxfordshire
OX11 0QG