DAC Beachcroft Breach Response Planner
European data protection regulators recommend that any organisation that handles personal data should have a data breach plan in place. Failure to have a plan could mean that an organisation is ill-prepared to respond to security breaches, comply with legal reporting requirements and could increase the prospects of financial sanctions, data subject claims and damage to reputation.
Aimed at risk managers, in-house counsel, data protection and security professionals, the DAC Beachcroft Breach Response Planner provides a step-by-step guide to building a practical plan for managing data breaches and other cyber incidents. The planner includes helpful tips and default content that can be easily customised.
Your plan is easily accessed at any time, from anywhere, on any device. It connects all your key stakeholders keeping them informed and engages with best-practice breach response.
This plan consists of five steps. Each step will require your input to ensure it is appropriately tailored to your organisation:
- Step 1 details the key individuals who form the internal breach response team, their contact details and, in the case of the most important roles, their responsibilities. Depending on the severity of the breach, the plan provides for an escalating scale from Bronze, Silver to Gold, building the internal breach response team with greater resource and seniority in the organization.
- Step 2 details the key individuals who form the external breach response teams, their contact details and, in the case of the most important roles, their responsibilities.
- Step 3 sets out protocols relevant to the breach response plan. These are the “rules of the road” that will apply when responding to a breach.
- Step 4 sets out the plan itself. This consists of four stages: (1) detection of breach; (2) triage and containment; (3) assessment; (4) notification and evaluation.
- Step 5 sets out the frequency for the plan to be tested and reviewed.