If you discover a personal data breach or suspect a breach may have occurred this must be reported immediately to the Data Protection Officer:
tel: 01 708 6184 or 01 708 3654
The GDPR introduces mandatory breach notifications. All breaches must be reported to the Data Protection Commissioner (DPC), typically within 72 hours, unless the data was anonymised or encrypted. In practice this will mean that most data breaches must be reported to the DPC. Breaches that are likely to bring harm to an individual – such as identity theft or breach of confidentiality – must also be reported to the individuals concerned.
Once a staff member becomes aware of a data breach, the 72 hours begins, whether or not they have notified this office. Therefore, it is imperative that we are notified as quickly as possible.
Our updated Personal Data Breach policy is available to download here: Personal Data Security Incident / Breach Management Procedure
Updated 9th May 2023