Practical GDPR: The Diabolical Dossier Data Breach
Picture the scene – you have a folder of incredibly sensitive documents detailing a serious data breach in your employer, a local council. The documents contain witness statements, emails, financial data, and a list of vulnerable people who may have been financially exploited. This treasure trove of sensitive information needs to be sent to your lawyers by the most secure route. There is talk of delivering it via encrypted pen drive, but you, acting as the organisation’s DPO, put a stop to that, preferring a secure electronic transfer.
Or least, you thought you did. Months later, a junior officer comes to you with a shocking claim: a well-known local campaigner claims that he has an explosive ‘dossier’ detailing scandal at the highest level. The only place that she thinks the data can have come from is the file; she thinks the pen drive was made and has fallen into the wrong hands.
Join your fellow delegates in deciding on how to deal this incident – do you need to tell the ICO? Do you need to tell the affected individuals? How do you contain the incident and get the data back? You won’t be trained in the detail of breach reporting and investigation on this course; this is – virtual – hands-on dealing with the incident. You will get a bundle of reading so you’re up to speed.
The course runs at 2.5 – 3 hours and is fully interactive. There are materials that you will need to read in order to prepare properly for this course. You will need a working microphone to participate (camera not required).