Eeek - I've accidentally shared client data - what do I do?

Would you know what to do if your business was responsible for a personal data breach?

Would you even know what constitutes a personal data breach under GDPR?

The Information Commissioner’s Office (ICO) handed out over £15m in fines to businesses in the UK in 2021, up threefold from 2020.

These fines were issued for a number of data privacy offences including failing to take reasonable steps to protect customers’ data from cyber attack, engaging in nuisance marketing tactics, such as sending unwanted emails and failing to remove customers from marketing databases where appropriate, and failing to have robust processes in place to ensure confidentiality of personal data.

Some of the recipients of these fines were larger companies like Halfords, Saga, Royal Mail and We Buy Any Car, and fines were also issued to a number of public bodies including The Cabinet Office and even The Ministry of Justice.

However, the majority of fines were issued to small businesses and limited companies. These types of business are potentially more exposed to ICO penalty fines for data breaches because they are less likely to have robust processes and policies in place for handling personal data, and specifically personal data breaches. The ICO look unfavourably on the absence of such measures and will issue higher penalty fines as a result.

Make sure you have suitable processes and measures in place, not only for handling personal data securely and safely in line with ICO guidance, but also in the event that you do suffer a personal data breach and need to follow the correct reporting procedures under UK GDPR.

In our short course – Privacy and Data Protection – we cover the key aspects that your business needs to consider and cover to ensure that you are compliant with privacy and data protection legislation. Also included in the course is a guidance document with checklists, covering what you need to know about personal data breaches and how to handle one if it occurs in your business.

And good news – we keep the materials in this course up to date with current legislation, as with all of our courses and products, and will let you know when updates are made.

Click here to grab our short course, including the checklists, and get protected. Within this course you'll get short videos explaining what personal data is, what special category data is, how to create your own data privacy policy, information about data processing agreements (vital if you are, or if you use, third party data processors) and guidance and checklists for handling personal data breaches.

Lucy x