1
Introduction
1.1
This Personal data breach plan:
1.1.1
places obligations on staff to report actual or suspected personal data breaches; and
1.1.2
sets out our procedure for managing and recording actual or suspected breaches.
1.2
This plan applies to all staff[ in the UK], and to all Personal data and special category personal data held by [insert organisation’s name]. This plan supplements our policies relating to [insert policies, eg Data protection, information security and any other relevant policies].
1.3
The table below explains some key terminology used in this plan:
Term Meaning Personal data breach A breach of data security leading to the:—accidental or unlawful destruction of;—loss of;—alteration of;—unauthorised disclosure of; or—access to;personal data transmitted, stored or otherwise processed, eg accidental loss, destruction, theft, corruption or unauthorised disclosure of personal data. Personal data Information relating to a living individual who can be identified (directly or indirectly) from that information. Data subject The individual to whom the personal data relates. Special category personal data (sometimes known as sensitive personal data) Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membershipGenetic dataBiometric data (where used for
To download the latest version of this document and thousands of others like it,
sign-in with LexisNexis or register for a free trial.