In the year prior to the implementation of GDPR, UK businesses failed to report data breaches in a timely manner. On average it took companies two months to complete the reporting to the Information Commissioners Office (ICO) UK, and often these reports were incomplete and missing vital information.
The ICO have stated that since the implementation of GDPR, which has brought much needed tighter regulations around data protection and security, they have received more than 11,000 data breach reports.
An ICO spokesperson has stated that breach notifications are not simply a “administrative task” but speak on accountability which is a cornerstone of the GDPR.
Furthermore, the spokesperson went on to state that only by having strong data governance will organisations be able to properly report the details of the breach in the required time.
As referenced by the ICO, only when organisations implement the proper data governance processes into their internal functions, will they be able to properly manage data breaches – something which is seemingly being overlooked.
The ICO went onto say that data breach reporting will encourage companies to invest in better security and data governance.
Investing in your understanding of the complexities of security and data governance, will also aid your businesses compliance and ability to protect itself.