Data Breach Incident Log – Template
GDPR requires all firms to keep a log of any and all breaches, even the smallest incidents should be recorded. The log should describe the incident itself, the cause, repercussions, risk of future damage, affected data and measures taken to mitigate the risks to further damage.
You can use this Data Breach Incident log template.
Personal Data Breach and Incident Handling
Not all data breaches are caused by malicious third parties like hackers. There are plenty of examples of accidental loss or accidental unauthorised access:
- A member of staff losing a USB stick/drive that had personal data files on it with the drive nor the data files being encrypted
- A member of the sales staff accidentally posts a revenue report containing names and financial details from customers on the public website rather than the intranet team site
- A member of staff attaches the wrong file to an email, resulting in accidental disclosure of personal data
- A member of staff accidentally deletes client records leading to loss of personal data
For an overview of the GDPR requirements on data breach and when to inform the regulator and affected individuals, so consult our Personal Data Breach – Overview knowledge base item on this topic.
Check other useful GDPR Templates
Free GDPR privacy policy test – check if your site is compliant
Wondering if your privacy policy is GDPR Compliant ? We encourage you to perform a quick and free GDPR compliance scan of your privacy policy, simply paste in the link to your privacy policy web page here in our Privacy Policy Checker, and see where you stand with GDPR compliance efforts.
GDPR Compliance software for the SME – GDPRWise App
Get access to our GDPR compliance software. GDPR requirements have been simplified and reduced to their essence for you. In a single click, the GDPRWise App can generate your privacy policy and GDPR register, based on the sector specific content we provide in your online GDPRWise dossier. Our software solution holds listings of the processing activities that touch on personal data in a great many industries.
