Sign-in Help

Data breaches

View Risk & Compliance by content type:

News
Practice notes
Precedents
Q&As

Latest Risk & Compliance News

Ringing the changes with the CPS’s Economic Crime Strategy 2025

Ringing the changes with the CPS’s Economic Crime Strategy 2025

The following Corporate Crime news provides comprehensive and up to date legal information on Ringing the changes with the CPS’s Economic Crime Strategy 2025

Risk & Compliance weekly highlights—8 April 2021

Risk & Compliance weekly highlights—8 April 2021

The following Risk & Compliance news provides comprehensive and up to date legal information on Risk & Compliance weekly highlights—8 April 2021

LexisPSL and MLex trial new interactive EU GDPR enforcement tracker

LexisPSL and MLex trial new interactive EU GDPR enforcement tracker

The following Commercial news provides comprehensive and up to date legal information on LexisPSL and MLex trial new interactive EU GDPR enforcement tracker

DPAs may not be receiving sufficient judicial scrutiny

DPAs may not be receiving sufficient judicial scrutiny

The following Corporate Crime news provides comprehensive and up to date legal information on DPAs may not be receiving sufficient judicial scrutiny

Featured Risk & Compliance content

Money Laundering Regulations 2017—simplified due diligence

Money Laundering Regulations 2017—simplified due diligence

You may apply simplified customer due diligence (SDD) measures in relation to particular business relationships or transactions which you determine...

Facilitation payments under the Bribery Act 2010

Facilitation payments under the Bribery Act 2010

Facilitating the performance of a duty by public officialsFacilitation payments, also known as facilitating or grease payments, are generally small...

What is a solicitor's undertaking?

What is a solicitor's undertaking?

An undertaking is a commitment by a solicitor to do something. It can be enforced against the solicitor by the courts. Failure to comply with an...

Dawn raid—who can raid my organisation and why?

Dawn raid—who can raid my organisation and why?

The UK Government has legislated to permit a number of UK authorities to obtain search warrants to 'raid' a business premises. The potential for a...

Practice notes

Active bribery, passive bribery and bribing foreign public officials

The purpose of this Practice Note is to provide a general understanding of the offences under section 1, 2 and 6 of the Bribery Act 2010 (BA 2010). It...
Read More >
Produced in partnership with Joanne Kane of Carmelite Chambers 12th Jan
Practice notes

High-risk third countries tracker

This Practice Note lists high-risk third countries identified by the Financial Action Task Force (FATF), HM Treasury and the European Commission as...
Read More >
9th Nov
tag iconIn-house
Practice notes

Getting the Deal Through: Merger Control 2021

Jurisdictions coveredThe following jurisdictions are covered in this report:Albania; Australia; Austria; Belgium; Bosnia and Herzegovina; Brazil;...
Read More >
9th Nov
Precedents

Modern slavery: contract clauses

1DefinitionsModern Slavery Policy•means the Customer's anti-slavery and human trafficking policy as set out in Schedule [insert] as updated by the...
Read More >
9th Nov
tag iconIn-house
Practice notes

AML and counter-terrorist financing—source of funds

Source of funds and wealth was a key focus of the SRA’s Preventing Money Laundering and Financing of Terrorism thematic review, published in March...
Read More >
9th Nov
tag iconIn-house
Practice notes

Introduction to retained EU law

This Practice Note provides an introduction to retained EU law, which is an entirely new legal concept introduced to UK domestic law in preparation...
Read More >
9th Nov
tag iconBrexit
Precedents

Standard contractual clauses—set II—controller to controller (Model Clauses)

DRAFTING FOR BREXIT: For the latest information on the impact of Brexit on the drafting, negotiation and enforceability of this Precedent, see...
Read More >
9th Nov
Practice notes

Money Laundering Regulations 2017—nominated officer

This Practice Note sets out when organisations must appoint a nominated officer, the duties of the nominated officer and practical steps nominated...
Read More >
9th Nov
tag iconIn-house

Most recent Data breaches content

Practice notes

Managing personal data breaches

Data security is a cornerstone of the UK General Data Protection Regulation (UK GDPR). The sixth data protection principle (the integrity and...
Read More >
9th Apr
Practice notes

Managing a personal data breach—process flowchart

This Practice Note illustrates how to manage a data protection breach under the UK General Data Protection Regulation (UK GDPR). It reflects reporting...
Read More >
9th Apr
Precedents

Data breach monitoring record

1General informationDate of monitoring review[insert date of monitoring review]Person conducting monitoring review[insert name]2Volume of data...
Read More >
29th Mar
Precedents

Public statement on data breach

Statement by [insert name of organisation] concerning a significant [cyber attack OR data protection breach] on [insert date].On [date], we were made...
Read More >
1st Mar
Practice notes

Reportable data breach—regulatory examples

This Practice Note contains a spreadsheet, collating detailed data breach examples provided by UK and European regulators. You can consult the...
Read More >
23rd Feb
Precedents

Data breach assessment and action plan

1Data breach teamThe first step is to assemble a team to manage and respond to the breach.Data breach team lead[Insert the name or description of the...
Read More >
22nd Feb
Precedents

Personal data breach plan

1Introduction1.1This personal data breach plan:1.1.1places obligations on staff to report actual or suspected personal data breaches; and1.1.2sets out...
Read More >
22nd Feb
Precedents

Letter notifying data breach to insurer

Letter notifying data breach to insurers[Data insurer’s name and address][Date]Dear [insert organisation name],Notification under Policy Number...
Read More >
2nd Feb
Precedents

Data breach register

This Precedent reflects reporting and recording requirements under the UK General Data Protection Regulation (UK GDPR). It can be used to help you...
Read More >
2nd Feb
Precedents

Data breach report form—internal

If you know or suspect a personal data breach has occurred, please:•complete this form, and•email or deliver it to the [insert, eg the Data Protection...
Read More >
2nd Feb
Precedents

Letter notifying data subject of data breach

On [insert date] we became aware that [describe what has happened, ie how the breach occurred]. The data [accessed OR stolen OR lost OR corrupted][...
Read More >
2nd Feb
Precedents

Data breach—panic sheet

1. Data breach teamDamage limitation is a priority immediately following a security breach. You will need a team of people to manage the data...
Read More >
1st Feb
Precedents

Privacy risk register

Please click for an Excel version of this register. The register consists of three tabs:•sample Privacy risk register—this has been populated with a...
Read More >
28th Jan
Precedents

Information audit form

InformationWhy is it processed?How is it stored?How is it used?How long is it needed?[Personnel files][To record employment history and for appraisals...
Read More >
22nd Jan
Q&As

When does the 72–hour time limit for notifying the ICO of a data breach come into force and start to run?

Article 33 of the General Data Protection Regulation (GDPR), which imposes data breach notification requirements, came into force on 25 May 2018. The...
Read More >
24th Dec
Q&As

Do I need to report a data breach to the ICO during the coronavirus (COVID-19) epidemic?

This Q&A considers whether commercial organisations are obliged to comply with GDPR personal data breach reporting requirements during the coronavirus...
Read More >
22nd Dec
tag iconCOVID-19

Popular documents

LEXISNEXIS

Intercreditor agreement—key provisions

This Practice Note provides an introduction to intercreditor agreements and their key provisions. This Practice Note:•explains the purpose of having an intercreditor agreement and when an intercreditor agreement would be used instead of a deed of priority or subordination deed•provides links to

LEXISNEXIS

Nuisance and the rule in Rylands v Fletcher—common law liability for pollution

Private nuisancePrivate nuisance is an unlawful interference with a person's use or enjoyment of land or some right over or in connection with it. Interference must be unreasonable, and may be caused, eg by water, smoke, smell, fumes, gas, noise, heat or vibrations. Where the defendant has not

LEXISNEXIS

Strike out—no reasonable grounds for bringing or defending the claim (CPR 3.4(2)(a))

Coronavirus (COVID-19): The guidance detailing normal practice set out in this Practice Note may be affected by measures concerning process and procedure in the civil courts that have been introduced as a result of the coronavirus (COVID-19) pandemic. For guidance, see Practice Note: Coronavirus

LEXISNEXIS

Forming enforceable contracts—intention to create legal relations

An intention to create legal relations is requiredThere are various situations in which a court will hold that an agreement is not binding because, though supported by consideration, it was made without any intention of creating legal relations (see, eg, Blue v Ashley).Did the parties intend to