Ad failure to document the breach in a proper manner may lead to the supervisory authority exercising its powers under Art. 58 of the GDPR or the imposition of an administrative fine in accordance with Art. 83 GDPR. In order to meet the requirements resulting from the regulations, the register of breaches should contain information about the breach, including: circumstances of the breach, course and breachd personal data, effects and consequences of the breach.
Specify systems security measures
Description of corrective actions taken by the administrator, and in the event of a decision not to report the breach, it is advisable Latest Mailing Database to document such a fact in the records, together with the reason why the administrator considers the risk of violating the rights and fredoms of natural persons to be unlikely. How to avoid violations? During the first year of application of the GDPR, the controllers reportd exactly 4,539 personal data breaches.
Indicate the right processor We further
In the following years, this number was constantly increasing, and in the last annual report publishd by UODO it was already 12,946. The News US upward trend in the number of reportd breaches may indicate the growing awareness of controllers in this regard and suggest that many organizations have implementd procdures for responding to violations. However, what to do not to be a participant in this number of several thousand in 2023? Each administrator should introduce procdures limiting the possibility of violations (e.g. the procdure for collecting authorizations after the end of work), conduct training, sensitize employees to issues relatd to personal.