Breach & Incident Response
Organisations do not have to look far for recent examples of high profile incidents that capture the media’s imagination and result in a consequential loss of customer confidence and damage to its brand.
The senior executive team should own and regularly review their incident response procedure. The procedure should enable responses to be effectively managed, including staff and third-parties or contractors.
How we can help:
- Advise on developing procedures to effectively detect, report and investigate a personal data breach or incident. Under GDPR, failure to report a breach could result in a fine.
- Design and develop a Breach & Incident Response Plan.
- As an appointed DPO, act as the incident responder working with those identified within the Breach & Incident Response Plan.
- Support the regular testing regime of breach and incident response including specific development of bespoke desktop and play book exercises to test decision-making procedures.
- Develop a communication plan for internal and external messaging to clients and staff, offering specific support for press and media handling.
- Provide support to the appointed nominated DPO or business lead in the incident response critical hours.