
A Guide to Data Breach Reporting Obligations

All too often, data breaches are the result of preventable, internal errors. These mistakes, and the reputational damage that follows them, are increasingly keeping business leaders up at night. What is often most concerning is that it is not only the financial damage that can prove catastrophic. When the personal data of thousands of customers and partners is affected by a data breach, organisations can also face significant legal ramifications in the form of litigation and GDPR violations.

A data breach notification must contain at least the following information:

  • a description of the nature of the personal data breach, including, where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data sets concerned;
  • the name and contact details of the Data Protection Officer or other contact point for further information;
  • a description of the likely consequences of the personal data breach;
  • a description of the measures taken or proposed by the controller to address the personal data breach and, where appropriate, measures to mitigate its possible adverse effects.

The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals. 

FTI Consulting, Inc., including its subsidiaries and affiliates, is a consulting firm and is not a certified public accounting firm or a law firm.

Organisations that do not comply with the legal requirements for reporting data breaches face heavy fines. For the particularly serious violations listed in the Data Protection Act under Article 83(5), the fine can be up to 20 million euros or up to 4% of the organisation’s total annual worldwide turnover in the previous financial year, whichever is higher.
