Data Breach Register
This Data Breach Register is designed for recording the details of data breaches and the key results from following the procedure laid out in a Data Breach Policy.
A data breach (which may or may not involve personal data) can take many forms. It may, for example, involve the loss or theft of data, the unauthorised access to, use of, or modification of data, or something apparently less direct such as equipment damage, human error, or the loss or theft of equipment.
Full details of a data breach, including the results of the investigation into it and decisions made about key considerations such as notifying the Information Commissioner’s Office and data subjects, should be recorded in a Data Breach Register. Documenting everything is vitally important and will assist you in complying with the UK GDPR’s accountability principle.
This template is designed to be used with a separate table for each recorded data breach. Two tables have been included (complete with sections and prompts for all required information). It is recommended that the second table is duplicated before filling it in so that you have a fresh table to record a subsequent data breach.
Optional phrases / clauses are enclosed in square brackets. These should be read carefully and selected so as to be compatible with one another. Unused options should be removed from the document.
Each table in this Data Breach Register contains the following sections:
1. Data Breach Reference Information
2. Data Breach Details
3. Management of Data Breach
5. Additional Comments
6. Current Status
This Data Breach Register is in open format. Either enter the requisite details in the highlighted fields or adjust the wording to suit your purposes.
Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.