BLS Stay Compliant
Frequently Asked Questions
Data Breaches

How to Report a Data Breach

When a data breach is suspected, it must be assessed promptly to determine if it involves personal data. If confirmed, organisations must:

  1. Report the breach internally to the DPO or the responsible person.

  2. Assess whether the breach poses risks to individuals’ rights and freedoms.

  3. Use the ICO’s reporting tool to submit details within 72 hours of becoming aware.

  4. Notify affected individuals if there is a high risk of harm.

Failure to report within the timeframe can result in fines and enforcement action. Effective breach management policies and staff awareness training are critical components of compliance.

Share this post

Freedom of Information
Are There Any Exemptions Under FOIA?

Are There Any Exemptions Under FOIA?

Roles Within Data Protection
Can a SIRO and Caldicott Guardian Be the Same Person?

Can a SIRO and Caldicott Guardian Be the Same Person?

Roles Within Data Protection
Can a SIRO and DPO Be the Same Person?

Can a SIRO and DPO Be the Same Person?

DSPT
Do I Need an Independent Audit as Part of My DSPT Submission?

Do I Need an Independent Audit as Part of My DSPT Submission?

Freedom of Information
How Can a FOI Request Be Made?

How Can a FOI Request Be Made?

Data Breaches
How Can Employees Protect Personal Data in the Workplace?

How Can Employees Protect Personal Data in the Workplace?

DSPT
How Do I Know What DSPT Category I Fit Into?

How Do I Know What DSPT Category I Fit Into?

Freedom of Information
How Long Do We Have to Respond to a FOI Request?

How Long Do We Have to Respond to a FOI Request?

Data Protection
How Should Companies Handle Personal Data?

How Should Companies Handle Personal Data?

Data Breaches
How to Report a Data Breach

How to Report a Data Breach

DSPT
Is the DSPT Mandatory?

Is the DSPT Mandatory?

Data Breaches
What Are Common Causes of Data Breaches?

What Are Common Causes of Data Breaches?

Data Protection
What Are Individuals’ Rights and Access?

What Are Individuals’ Rights and Access?

Roles Within Data Protection
What Are the Caldicott Principles?

What Are the Caldicott Principles?

Data Protection
What Are the Consequences of Non-Compliance?

What Are the Consequences of Non-Compliance?

DSPT
What Are the DSPT “Standards Met” Levels?

What Are the DSPT “Standards Met” Levels?

Data Breaches
What Are the Timescales for Reporting a Data Breach?

What Are the Timescales for Reporting a Data Breach?

What Are the Timescales for Responding to a SAR?

What Are the Timescales for Responding to a SAR?

Roles Within Data Protection
What Does a Caldicott Guardian Do?

What Does a Caldicott Guardian Do?

Roles Within Data Protection
What Does a SIRO Do?

What Does a SIRO Do?

Data Breaches
What Is a Data Breach?

What Is a Data Breach?

Freedom of Information
What Is a Freedom of Information (FOI) Request?

What Is a Freedom of Information (FOI) Request?

What Is a Subject Access Request (SAR)?

What Is a Subject Access Request (SAR)?

Data Protection
What Is Data Protection?

What Is Data Protection?

Data Protection
What Is DUAA?

What Is DUAA?

Data Protection
What Is GDPR?

What Is GDPR?

Data Protection
What Is Special Category Data?

What Is Special Category Data?

DSPT
What Is the CAF DSPT?

What Is the CAF DSPT?

DSPT
What Is the DSPT?

What Is the DSPT?

Data Breaches
What Should I Do If I Suspect a Data Breach?

What Should I Do If I Suspect a Data Breach?

Roles Within Data Protection
What’s the Difference Between a Caldicott Guardian and SIRO?

What’s the Difference Between a Caldicott Guardian and SIRO?

What’s the Difference Between a SAR and an AHRA Request?

What’s the Difference Between a SAR and an AHRA Request?

DSPT
When Does the DSPT Need to Be Completed By?

When Does the DSPT Need to Be Completed By?

Who Can Make a Subject Access Request?

Who Can Make a Subject Access Request?

Freedom of Information
Who Does FOIA Apply To?

Who Does FOIA Apply To?

Data Protection
Who Is Responsible for Data Protection in a Company?

Who Is Responsible for Data Protection in a Company?

Roles Within Data Protection
Why Do I Need a Data Protection Officer (DPO)?

Why Do I Need a Data Protection Officer (DPO)?

Roles Within Data Protection
Why Is a DPO a Legal Requirement?

Why Is a DPO a Legal Requirement?

Data Protection
Why Is Data Protection Important?

Why Is Data Protection Important?

All FAQS