The CII have recently developed a data breach notification guide for the local institute network.
A data breach is a breach of security, whether accidental or deliberate, that leads to the unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
Each incident needs to be thoroughly investigated to determine whether an incident is a personal data breach as a matter of upmost priority.
Examples of potential data breaches could be as follows:
- Sending spreadsheets or reports containing personal data to another party without a lawful basis;
- Deleting or amending of personal data without appropriate permission;
- Loss of availability of personal data; and/or
- Sending personal data to anyone other than the intended recipient of that data.
The guide can be downloaded below.
For additional data queries please contact your RMM.