About the course
GDPR: HANDLING PERSONAL DATA BREACHES
Under the GDPR, Data Controllers have a duty to record and, in some cases, report personal data breaches to the Information Commissioner as well as Data Subjects. In addition, there are other statutory and regulatory duties for recording, reporting and responding to information security incidents impacting on personal data.
This workshop will examine the law and best practice in this area, to
identify how organisations can deal appropriately with data security
incidents and data breaches, in order to minimise the impact on
customers and service users and mitigate reputational damage.
This is an interactive workshop using exercises and group discussion to support real-world application.
Security provisions in GDPR
Data Protection Act 2018
Importance of leadership
Preparing the incident team
Data processors responsibilities
Recognising a security
Initial reports and
To report or not?
Making the judgement call
Notifying the Data Subjects
Closing the incident
Training and testing
CASE STUDIES AND