The point of any data-related strategy is to avoid incidents, to design them out.
But as that great philosopher of information governance Donald Rumsfeld once said: stuff happens.
So what do you do when it does? You put into place your clear, well-considered plans. Your staff identify and report the incidents you want to know about. Your plan to contain and mitigate the effects of an incident kick in, and you objectively investigate what went wrong. If necessary or wise, you inform the Information Commissioner and the affected people.
In short, you have to acknowledge that stuff happens and you get ready for it. This session will help.
- What do you mean by incident?
- How can you realistically prevent incidents?
- What is a ‘personal data breach’? SPOILER ALERT: it’s a specific kind of incident that is potentially reportable