top of page

Protect your organisation from data subjects taking action against you

Data Breach - Data Controllers: Text

Report breach to Data Protection Commission

Any data breach where there is any risk to data subjects (even low risk) must be reported to the Data Protection Commission in a specified procedure, in the designated format and within 72 hours. Failure to do so is a serious offence. 

If you are over 72 hours contact us as a matter of urgency to reduce your liability or mitigate loss. 

Notify Data Subjects

You must take action to reduce the risk to data subjects and you must inform them if there is a high risk of their personal data being processed in a manner that could cause them loss, harm or upset. Failure to do so is a serious offence as you are contributing to a data subject's loss and unable to prove compliance.

Maximum fines

Criminal Sanctions of up to €50,000 and/or up to 5 years imprisonment in the Circuit Court apply under the Data Protection Act 2018 for any illegal disclosure. Company officials and managers can be held both personally and criminally liable coupled with the fact the Data Protection Commission can charge you for the cost of the investigation if found guilty.

Protect against litigation

Data subjects (customers, employees, etc.) can sue for any data breach via a "data protection action" under the Data Protection Act 2018. Protect yourself and your organisation by properly dealing with a data breach thereby reducing your risk of litigation, fines and criminal sanctions.

Data Breach - Data Controllers: Clients

The effect of any data breach could have serious consequences for a data subject; such as identity theft, fraud and, if applicable, illegal use of credit cards or payment details.

In such cases, a data controller will be liable for any damage caused by the breach.

Furthermore, under the Data Protection Act 2018, data subjects are entitled to claim for non-material damages, such as distress or upset for the data breach. A simple data breach could affect thousands of data subjects and each one may be entitled to make a complaint against you.

Organisations have to protect themselves from mass complaints.

In order to protect your organisation and even yourself in cases where the breach was caused by human error, please feel free to email us at with an outline the breach and your contact details.  We would be happy to explore how we can help you.

Your data will be processed in accordance with our Privacy Policy.

Data Breach - Data Controllers: Text
bottom of page