Data Breach Advisory Box
Personal data breach is the biggest challenge posed by the GDPR for businesses. Companies are obliged to detect the breach and manage it in a very short period of time both in relation to the Hellenic Data Protection Authority (competent Authority) and to the data subjects.
The notification to the supervisory Authority shall take place in a timely manner and contain sufficient information about the impact of the breach on the data subject and the actions to investigate and limit the breach.
Improper and inadequate handling of a personal data breach incident can jeopardize the reputation of any organization and lead to a fine. The most important mistakes in managing such incidents are usually the following:
- Inadequate communication with the Hellenic Data Protection Authority
- Notification of incorrect information
- Poor management of limited notification time
- Incorrect or inadequate responses to the Authority and to the requests of the data subjects
Andersen Legal has one of the most experienced teams of Data Protection Specialists, who have carried out numerous compliance projects and have managed the largest number of breach cases.
- We will guide you through the steps you need to take when dealing with a personal data breach emergency.
- We will assess whether there is an obligation to notify the data breach.
- We will assist you with the notification and we will manage the breach in relation to the Authority.
- We will investigate the reasons that led to the breach and we will prepare your company to take the necessary measures to prevent similar breaches in the future.
- We will help you mitigate the adverse effects of the personal data breach.
The best way to avoid breaches is the proper organization and training of your staff.