Data breach register
Data breach register

The following Risk & Compliance precedent provides comprehensive and up to date legal information covering:

  • Data breach register

IP COMPLETION DAY: 11pm (GMT) on 31 December 2020 marks the end of the Brexit transition/implementation period entered into following the UK’s withdrawal from the EU. At this point in time (referred to in UK law as ‘IP completion day’), key transitional arrangements come to an end and significant changes begin to take effect across the UK’s legal regime. This document contains guidance on subjects impacted by these changes. Before continuing your research, see Practice Note: What does IP day mean for Risk & Compliance?

This Precedent reflects reporting and recording requirements under the General Data Protection Regulation (GDPR). It can be used to help you record, manage and monitor data breaches. It will ensure you capture the information you are required to record under the GDPR as well as the information you will need to notify a data breach to the Information Commissioner’s Office (ICO) and/or affected data subjects.

See also Precedent: Personal data breach plan.

Requirement to keep a record

You must document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken.

Notifying the ICO

Popular documents