You review and monitor personal data breaches.
Ways to meet our expectations:
- You analyse all personal data breach reports to prevent a recurrence.
- Your organisation monitors the type, volume and cost of incidents.
- You undertake trend analysis on breach reports over time to understand themes or issues.
- Groups with oversight for data protection and information governance review the outputs.
Can you answer yes to the following questions?
- Could we see an example of how you handled an incident that required lessons to be learned?
- Were the steps you took to prevent a recurrence of the incident effective?