Data Leaks

We help you to comply with the GDPR, for example by reviewing (and where necessary) reporting data leaks

Overview of Data Leaks

An item of mail that has been returned opened. An email accidentally sent to the wrong person. A stolen laptop. These are all examples of possible data leaks.

As an organisation processing personal data you are obliged to report data leaks to the Data Protection Authority and you must also inform the data subject if the breach could have grave consequences for them. In any event, you should keep a record of all data breaches, even if they do not need to be reported to the Authorities.

Experience has taught us that organisations often struggle to determine whether there has been a data leak and if it should be reported to the Authorities (and the data subject). Our privacy consultants can help you decide.

Assessing and reporting data leaks

Deciding whether to report a data leak can be difficult. You need to find a way to make a decision that weighs up all considerations. It should also be easy to understand and replicate. We can help you to:

  • Analyse the incident
  • Assess whether a data leak or breach has occurred
  • Weigh up the severity of that data leak
  • Advise whether a notification is required
  • Report the data leak
  • Record the data leak
  • Prevent a recurrence of similar data leaks