Taking Control of Data Breaches

Untangling Perception and Reality

Created by our practising Data Protection Officers, this information is based on evidence, not headlines and will help you understand GDPR, understand what is considered a data breach and feel confident when dealing with one.

This paper is about taking control of data breaches, but it’s hard to take control of something unless you understand it. The information we’ve used comes directly from the Information Commissioner’s Office (ICO) and relates to breaches that were serious enough to require reporting. Our own experience is that actual incidents may outweigh reported ones by a factor of 30 or more.

This paper provides the background information for you to adopt a risk managed

approach to data breaches. By studying the statistics, we can draw conclusions about the types of breaches you’re likely to face. You’ll see that most breaches happen because of human error, not malicious hacking. We will discuss the circumstances that are likely to lead to those sorts of errors