Chapter 17

Data Breaches and Reporting Obligations

IN THIS CHAPTER

Defining and categorizing data breaches

Exploring risk factors and consequences caused by a breach

Determining whether a breach has occurred — and taking appropriate action

Knowing when (and where) to send notifications

Documenting breaches and evidence of your investigation into the breach

Sanctions for not following breach protocol

As a data controller or a data processor, your obligation is to secure personal data that you process. If your organization suffers a personal data breach, you have to carry out certain reporting and recordkeeping requirements. Although the only data breaches you tend to hear about are those of large companies, small businesses can suffer data breaches, too. Data breaches more often than not happen accidentally and thus aren’t always a result of malicious intentions.

In this chapter, I ...
