ProvePrivacy Logo | Blue Green

Back to home

Data Breaches

Personal Data Breach

Breach Management | ProvePrivacy | Article Image 8

A personal data breach is defined as a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. 

The above definition however does not take into account the impact of the breach, which must be considered if the breach is to be reported to the supervisory authority.

  • A breach which is believed could result in a risk to the data subject, must be reported to the supervisory authority within 72 hours of becoming aware, therefore prompt reporting of incidents is essential.
  • A breach which is believed could result in a high risk to the data subject must also be reported to the data subject.

The most important aspect for any colleague to understand is to report any incident which meets the definition above in order that an incident investigator can assess the breach and determine if it should be reported and how it should be treated.

Manage personal data and privacy risks

Suggested reading

You might also like

Scroll to Top

Contact us

If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.

See our Privacy Statement for more details.

Get expert tips and business insights