Awdurdod annibynnol y Deyrnas Unedig a sefydlwyd i gynnal hawliau gwybodaeth er budd y cyhoedd, annog cyrff cyhoeddus i fod yn agored a hybu preifatrwydd data i unigolion.

Reviewing and monitoring

You review and monitor personal data breaches.

Ways to meet our expectations:

  • You analyse all personal data breach reports to prevent a recurrence.
  • Your organisation monitors the type, volume and cost of incidents.
  • You undertake trend analysis on breach reports over time to understand themes or issues.
  • Groups with oversight for data protection and information governance review the outputs.

Can you answer yes to the following questions?

  • Could we see an example of how you handled an incident that required lessons to be learned?
  • Were the steps you took to prevent a recurrence of the incident effective?