GDPR and Data Breach Management
With the Data Protection Act 2018 and General Data Protection regulations (GDPR) coming in to force last month our Data Breach Management Guide and Reporting Form have been updated. These are available on the intranet here: Information Security.
Please note that it is imperative that all breaches are reported swiftly and efficiently. The council only has 72 hours to investigate severe breaches and report them to the Information Commissioner’s Officer (ICO). The 72 hours begins as soon as any person in the council becomes aware of, or suspects, a breach. Only the Data Protection Officer (Alison Morris, Records and Heritage Manager) will report breaches to the ICO.