Assessing and reporting data breaches

Ask us a question

A mail item that has been returned openend, a laptop that is stolen or an e-mail that reaches the wrong recipient – these are all examples of potential data breaches. As an organization that processes personal data, you are obliged to report a data breach to the Dutch Data Protection Authority (DPA) if there could be serious adverse consequences for those involved. In some cases, these data subjects themselves must also be notified. In addition, you must document all data breaches, even if they did not have to be reported to the DPA.

In practice, many organizations find it difficult to determine whether there really is a data breach and whether that data breach must be reported to the DPA or to those involved. Charco & Dique can help you with this.

What we can do for you

We can support you by:

  • analyzing the incident;
  • assessing whether there is a data breach;
  • weighing the severity of the data breach;
  • advising whether a notification is required;
  • reporting the data breach;
  • recordinging the data breach; and
  • preventing repetition.