Protect your organisation from data subjects taking action against you
Report breach to Data Protection Commission
Any data breach where there is any risk to data subjects (even low risk) must be reported to the Data Protection Commission in a specified procedure, in the designated format and within 72 hours. Failure to do so is a serious offence.
If you are over 72 hours contact us as a matter of urgency to reduce your liability or mitigate loss.
Notify Data Subjects
You must take action to reduce the risk to data subjects and you must inform them if there is a high risk of their personal data being processed in a manner that could cause them loss, harm or upset. Failure to do so is a serious offence as you are contributing to a data subject's loss and unable to prove compliance.
Maximum fines
Criminal Sanctions of up to €50,000 and/or up to 5 years imprisonment in the Circuit Court apply under the Data Protection Act 2018 for any illegal disclosure. Company officials and managers can be held both personally and criminally liable coupled with the fact the Data Protection Commission can charge you for the cost of the investigation if found guilty.
Protect against litigation
Data subjects (customers, employees, etc.) can sue for any data breach via a "data protection action" under the Data Protection Act 2018. Protect yourself and your organisation by properly dealing with a data breach thereby reducing your risk of litigation, fines and criminal sanctions.