In cases where there has been an incident which resulted in a potential breach of the GDPR, it is imperative that you report this immediately to Information Security Governance.
While this list is non-exhaustive it does give examples of some of the more common data breaches and 'near misses' that should be reported.
- Accessing personal data by an unauthorised third party;
- deliberate or accidental action (or inaction) by a controller or processor affecting the security of personal data;
- sending personal data to an incorrect recipient;
- computing devices containing personal data being lost or stolen;
- altering personal data without permission;
- losing the availability of personal data; and
- any 'near miss' incident that had the potential to cause a data breach even though it might not have done so.
Please visit the data protection page that has more information on this and how to report a personal data breach. Users should put in [GDPR] in the subject line when contacting ISG.