A system for identifying and responding to breaches
The GDPR mandates that organisations notify the relevant supervisory authority—in the UK, the ICO—of all data breaches “without undue delay” or within 72 hours, unless the breach is unlikely to present a risk to individuals.
In scenarios where the organisations identify a high risk to individuals, there is also a requirement to inform everyone whose data was breached.
Understanding your SARS obligations
As part of your GDPR programme, you should have created a mechanism and organisational structures for identifying and responding to breaches. As with Subject Access Requests (SARS), one of the key ongoing challenges is to be sure that your internal capability can work at scale and without incurring significant administrative overheads.
If your organisation is dependent on nominated personnel to execute manual processes around breach reporting, there is a strong risk that you will be unable to meet your statutory obligations in the event of a major incident.
The Northdoor Breach Reporting Solution
To help organisations cut the time required to identify and respond to breaches, Northdoor offers a comprehensive Breach Reporting Solution that ingests information from multiple systems (including SIEM and help desk systems) to provide a clear view at critical times. With embedded workflows and best practices, the solution guides employees through the reporting process and provides integrated security tools to help investigate incidents and prevent recurrence.
The solution also maintains evidence of adherence to internal rules and best practices, and enables the simulation of incidents to test response plans and timelines. As external regulations evolve, the Northdoor solution keeps pace with changing standards in breach reporting, helping you remain compliant and avoid penalties.
Get in touch to request a demonstration:
SolutionIndustrialise your Data Protection programme for faster, more assured compliance
Industrialise your Data Protection & GDPR compliance programmes. Discover eight key services from Northdoor to make GDPR business-as-usual
SolutionSubject Access Requests Solution
Northdoor provides a complete Subject Access Requests Solution to increase both the accuracy and the speed of responding to incoming SARs
GDPR Programme Audit
A comprehensive, structured review of existing GDPR programmes to confirm If a company fitness for purpose and ability to deliver credible compliance.
Latest Blog Articles
To pay or not to pay? The ransomware question you shouldn't have to answer
When it comes to ransomware, prevention is vital. Read how companies are handling their ransomware attacks and what prevention really means.
Boost the scalability of your storage infrastructure while reducing costs with flexible IBM storage
Make data storage more cost-effective and flexible with IBM Storage Utility Offering (SUO) from Northdoor plc.