Data breach? GDPR or PR first? - GENCFO Clubhouse - GENCFO Community Member Platform

Data breach? GDPR or PR first?

GENCFO Clubhouse

Data breach? GDPR or PR first?

Posted by Chris Argent on 13 April 2023 at 8:37 AM

Who should I inform after a data hack?

https://www.thetimes.co.uk/article/1351e26c-d839-11ed-89ad-19e3cfc05db4?shareToken=c73407c6fac4b75341901a2cdff66428

Val Elliott replied 2 years, 8 months ago 4 Members · 4 Replies
4 Replies

Chris Argent

Host
13 April 2023 at 8:39 AM

Here the official guidelines- https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/
Tanbir Jasimuddin

Member
13 April 2023 at 9:13 AM

Address GDPR first – not only is there a hefty fine at risk, but you will still suffer the cost of bad PR
Unknown Member

Member
13 April 2023 at 10:19 AM

You need to work on both straight away but more importantly you need to prepare for a breach now and kick the plan into action immediately following the breach. Yes GDPR has massive potential financial penalties for non compliance but, depending on your business, poor customer communication can damage your business, potentially terminally.

I’m currently working as an adviser with Kroll, a leading Cybersecurity provider, who support companies in their response in more than 3,000 breaches a year. They have a good basic introduction to developing your response plan @ https://www.kroll.com/en/services/cyber-risk/governance-advisory/incident-response-plan-development
- Val Elliott
  
  Member
  2 May 2023 at 9:58 AM
  
  Agree. Part of the obligations is to inform those affected and the right tone will pay back.
  
  Dealing with a potential issue with a voluntary group at the moment and interesting that public perception of GDPR is not quite aligned with reality and it is that perception that needs to be handled carefully.

Log In to Reply

Log in to reply.