GDPR Data Breach Report Form Template

Data Breach Report Form (GDPR-Ready)

BS.DAT.BR.03

This Data Breach Report Form is designed for internal use within your business and should be used by staff to report suspected or actual data breaches in accordance with a Data Breach Policy.

A data breach (which may or may not involve personal data) can take many forms. It may, for example, involve the loss or theft of data, the unauthorised access to, use of, or modification of data, or something apparently less direct such as equipment damage, human error, or the loss or theft of equipment.

Staff are instructed to complete the form and to send it to the appropriate individual or department (this should be your Data Protection Officer if you have one). Staff are also reminded that once the form is submitted, they should not attempt to resolve the matter themselves and should certainly not notify the Information Commissioner’s Office or any affected data subjects. Such decisions will generally be – as the saying goes – above their pay grade.

This form can optionally be sent anonymously. If you wish to allow anonymous reporting, it is important to have a mechanism in place for doing so that doesn’t result in the sender being identified indirectly.

The Data Breach Report Form asks for key details of the breach including the date and time it occurred, the date and time it was discovered, the types of data (and, where personal data is involved, data subject) involved, how much data is involved, and what caused the breach.

Many members of staff will not be data protection experts, but they should be trained to spot a breach and encouraged to provide as much information as they can in these circumstances. Awareness of your Data Protection Policy and Data Breach Policy is therefore important.

Upon receipt of this form, the steps set out in your Data Breach Policy should be followed in order to contain, manage, investigate, notify, and respond to the breach.

Optional phrases / clauses are enclosed in square brackets. These should be read carefully and selected so as to be compatible with one another. Unused options should be removed from the document.

This Data Breach Report Form is in open format. Either enter the requisite details in the highlighted fields or adjust the wording to suit your purposes.

Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.

Top