A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. This includes both confirmed and suspected breaches that are the result of accidental and deliberate causes.
Examples of Data security breaches may include:
If you confirm or suspect any data security breaches, you should:
Once a data breach incident has been reported, an initial assessment will be made to establish the severity of the breach and the forwarding actions should be.
In the case of a personal data breach, the Data Protection Officer (or an appropriate nominee) shall without undue delay and, where feasible, no later than 72 hours after having become aware of it, notify the incident to the supervisory authority (ICO).
There are TWO ways to report an incident
1. Call 0303 123 1113 (Monday to Friday, 9am to 5pm) with the following details, select option 3 to speak to staff who will record the breach and give you advice about what to do next.
2. Fill in a ICO Data Protection Breach Notification Form