Prompt reporting allows information governance teams to advise and support you so that swift action can be taken to mitigate risks, enable us to fulfil legal obligations and most importantly, to protect personal data.
Report within 72 hours
The data protection officer must report personal data breaches to the Information Commissioner's Office within 72 hours, and the clock begins to tick from the moment we become aware that a breach has occurred. The Information Commissioner's Office has extensive enforcement powers which include issuing significant monetary penalties. Those affected by personal data breaches may be entitled to bring civil actions against the council. Successful claims can cost tens of thousands of pounds in compensation and legal representation.
Taking your data protection obligations seriously plays such an important role in ensuring that we can continue to meet our budgetary targets and deliver the best value for money to our residents and service users.
As a reminder, data breaches must be reported by logging a ticket on Halo which you can access from your desktop. You can find useful advice on how to avoid data breaches.