* 1. You’ve suffered a data breach. Do you have a breach response plan in place?

* 2. Do you know how much personal data you process, and are you aware of any special categories this data may fall into?

Special categories include:
  • Racial or ethnic origin 
  • Political opinions 
  • Religious beliefs or other beliefs of a similar nature 
  • Trade union membership 
  • Physical or mental health or condition 
  • Sex life and sexual orientation 
  • Genetic data and biometric data

* 3. In the event of a breach, could you identify how many data records may be affected and the nature of that data?

* 4. Are you aware of all your data breach risks and do you know what impact a breach would have on both your business and its data subjects?

* 5. Do you know how long it would take your organisation to restore critical functions following a breach?

* 6. Do all staff involved in processing personal data receive data protection training at least every two years?

* 7. Are all staff aware of the reporting procedure to follow if they discover (or even suspect) a potentially damaging data security incident?

* 8. Do you follow data security best practice as proposed by leading standards (e.g. the PCI DSS or ISO 27001)?

* 9. Do you have specific measures in place to address any data breaches that occur in order to limit any further damage?

* 10. The GDPR mandates that certain personal data breaches must be reported to the ICO (Information Commissioner’s Office) within 72 hours of discovery. Are you confident you can meet this deadline?

* 11. In the event of a breach, do you have a communication plan for informing all relevant parties affected by the incident?

* 12. Have you appointed a DPO (data protection officer) or assigned responsibility for data protection?
