Breach Management - Preparing for the Worst
Available in the Classroom & via Microsoft Teams
Course Overview
A personal data breach can have a significant impact on an organisation, including exposure to regulatory fines, claims for compensation and damage to reputation. For most organisations, it is now a question of when a breach will occur rather than if.
Organisations are legally required to notify a personal data breach to the relevant data protection authority unless the breach is unlikely to negatively impact individuals. Organisations are additionally obligated to inform affected individuals where the breach is likely to result in a high risk to those individuals.
This practical training session looks at the personal data breach obligations under the UK and EU GDPR in detail and the steps that organisations can take to prepare for and mitigate the risk of a breach. The subject matter will be brought to life through various case studies and real-life war stories.
The course covers the following topics:
- what a personal data breach is and the types of incidents that trigger the requirement to notify
- the steps an organisation should take if it suffers a personal data breach, including what the ICO, and other relevant regulators, expect organisations to do
- actions that organisations should be taking now to prepare for a possible personal data breach, including how to get senior management buy-in for preventative and preparatory actions
- incident response plans and opportunities to mitigate risk
- the requirement for an internal breach register and how to maintain it
It is recommended that delegates attending this session have a basic knowledge of data protection legal requirements. Delegates with no existing knowledge may find it helpful to attend Data Protection Essential Knowledge Level 1 before attending this training course.