Step-by-step plan for learning from data breaches
It is important that organisations learn from previous data breaches and do not view maintaining the data breach register solely as an administrative obligation. With this sample step-by-step plan, the Autoriteit Persoonsgegevens (AP), the Dutch data protection authority, helps organisations to learn from previous incidents.
The step-by-step plan enables organisations to monitor:
- if (certain types of) data breaches are increasing;
- what the possible cause of this is;
- whether previously taken measures have worked to reduce the number of data breaches;
- and if additional measures are needed.
Organisations can implement this step-by-step plan periodically as part of the plan-do-check-act cycle. This allows organisations to structurally evaluate and improve the protection of personal data.
Download
Manual
More information
This page was last edited on
.