Data Breach Policy
At The Lord Caradon Lectures Trust we understand that EU citizens have certain rights in respect of their personal data and we need to have a process in place to deal with data breaches should they occur under the GDPR regulations.
The Lord Caradon Lectures Trust will appoint a person responsible for keeping the data breach register up to date and be responsible for all aspects of overseeing the Trust is compliant for any data breaches within the GDPR regulations.
When a data breach has occurred, the ICO suggests the need to establish the likelihood and severity of the resulting risk to people’s rights and freedoms. If it’s likely that there will be a risk then we will notify the ICO; if it’s unlikely then we will not report it.
In any case, each breach will be assessed and the decision agreed will be justified and documented in a register. Assessments will be considered in line with advice from the ICO website.
Reporting time limits
Any applicable data breaches will be reported to the ICO within 72 hours where possible and to the affected individual (s) without delay.