Arrange a Consultation

Where Organisations Struggle #3: Data Breach Response Plan

Jul 4 - Brian Siney

Featured in JEP’s Expert Panel – 4th July 2018


In the last two posts, I examined the major areas of where businesses have struggled with their GDPR implementation. Today I look at a third area: having no incident response plan for a data breach or cyber security attack.

Seems obvious a response plan is essential for any organisation that is looking to avoid being on the “back foot” when faced with a data protection or cyber security incident. This plan should have all the important guidance, emergency procedures, key contact details of the “decision” makers, and a clearly defined, time specific, action list written down in one place.

A key risk of having no plan is that valuable time is lost scrambling around trying to gather information on data protection law, getting the list and locations of technology systems and software in use. A big hurdle could be realising that your technology service provider is not readily available to support your organisation within the required time period, so check you have a suitable emergency support plan in place.

So develop a response plan in order to handle responsibly incidents such as (a) data breach (b) cyber security and as good practice (c) data subject access requests. Train people about the plan, keep testing to ensure it is still relevant for your organisation every few months.

Where Organisations Struggle With GDPR – #1

Where Organisations Struggle With GDPR – #2

Ensure Your Business is GDPR Compliant Today!

Contact me today and arrange a consultation…

Be Secure is a Jersey-based data consultancy business specialising in GDPR data protection, data privacy and cyber security. Leveraging extensive experience of founder Brian Siney, Be Secure offers a unique business focus and perspective for managing GDPR.

Send me a message

Call me on 07797 738743

More from the blog

Back to Blog home