UK GDPR & Data Breaches - A Guide to ICO Notification Requirements

Introduction

The UK General Data Protection Regulation retains the requirement for organisations to notify the ICO and in some cases the individuals affected by a ‘personal data breach’. To date, the only fines that have been levied under the UK GDPR all relate to security concerns and several of these have exceeded £1million. More recently, a firm of solicitors have become the first to be fined under the UK GDPR for a ransomware attack.

This webinar summarises the key provisions of the UK GDPR and the relevant ICO guidance. It also summarises the key lessons to be learned from the ICO’s enforcement action.

What You Will Learn

This webinar will cover the following:

• Meaning of ‘personal data breach’ - wider than you might think
• Notification requirement - when and how to notify and potential changes to this requirement
• Communication requirement - when and how to communicate
• Risk assessment factors
• ICO’s breach reporting form - how to use it
• Law firm enforcement action - lessons to be learned
• Summary of practical steps to take

This pre-recorded webinar will be streamed at 12:30pm on Monday 31st October 2022 and will remain available to view by delegates who have registered by then for 90 days.