Despite your best efforts with GDPR, your business might suffer a data breach.
It’s probably not the end of the world, but in this blog data protection expert Karen Heaton explains what happens next.
We have discussed in our previous blog the potential level of fines for data breaches and some common causes of these breaches.
Today’s blog answers two questions: what exactly constitutes a reportable data breach? Whose responsibility is it to report it?
We will look at guidance from the European Data Protection Board on examples of data breaches and whether to report them to the data subject/s or the Information Commissioner’s Office (ICO).
Data Breach Definition – defined in the GDPR Article 4(12) as:
“a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed”
What this means in practice is that all data breaches are security failures, but not all security failures are data breaches. And… not all data breaches have to be reported to either (or both) the data subject/s or ICO.
So, how do you know what to report or not? Have you had a breach? How would you know?
When assessing a security incident, the Data Controller should:
a) assess whether the security incident has resulted, or is likely to result, in a loss of personal data, and then
b) decide whether that breach is likely to result, or will result, in a high risk to the Data Subject.
Of course, this depends on the type, volume or subject matter of the data.
Each breach will have its own unique characteristics depending on the organisation and data affected. See the full list of guidance from the European Data Protection Board here.
It is the responsibility of the Data Controller to assess, resolve and report data breaches. Any suppliers (Data Processors) who are involved in the incident must assist the Data Controller in the investigation and provide fixes where appropriate. Therefore, it is important to Know Your Data (KYD) and ensure that you understand your responsibilities in each potential scenario.
Today’s fact: did you know that the ICO’s website lists organisations that have been or are being audited, in addition to listing organisations being monitored for concerns about compliance?
=> Take your data protection responsibilities seriously, know your data (KYD) and be operationally compliant to avoid the reputational damage from your company name being listed on the ICO website.
See you next week!