The breach detection procedure involves the following three steps:
- Breach registration: determine whether valuable and sensitive data was compromised.
- Breach analysis: determine the severity of the breach and decide what actions to take, how to mitigate the risk, who to report to and how to fix the leak.
- Breach response/remediation: fix the leak and document the updated working process to ensure that you learn from this incident.
Making the 72 hour deadline
Needless to say that Incident Response Team Members have to be available on a 24x7x365 basis. Hand-over moments need to be smooth, precise and executed within the shortest timeframe possible. There is no time for hesitation or doubt. If you fail to meet the 72 hour deadline you will have a hard time explaining it to the data breach victims, authorities and your other stakeholders.
Privacy Sherpas at your service
What to do when you find it hard to finish the climb towards GDPR compliance? Or to start improving your breach detection and incident response efforts? Don’t hesitate to contact DPA Privacy. We can harness a large pool of Privacy Sherpas. They have expert knowledge and practical experience to guide you through the process of setting up a data breach protocol and embedding it in your organization.