Data Breaches & Incident Management

Effective issue management from our data protection specialists – protecting your business at a critical time.

When a data breach occurs, we’ll work quickly to help you minimise its financial and reputational impact. While we deal with the ICO and claimants, you can get on with the day-to-day running of your business.

How we can help: Efficient, cost-effective management of ICO complaints, data breaches and related incidents

Our data protection solicitors can step in when needed to provide essential guidance on data breach incident management. We can handle the following on your behalf:

  • Checking and verifying if a data breach has occurred. Not every data breach needs to be reported. We’ll act proportionately to assess whether the breach presents a risk to an individual’s rights and advise on whether reporting is necessary.
  • ICO data breach reporting. As soon as an incident comes to light, we’ll provide ICO with follow up information relating to the extent of the breach and the number of individuals affected.
  • Engaging with ICO staff to mitigate the fallout from the breach.
  • Notifying data subjects following discussion with the ICO to assess whether there is a sufficiently high risk to data subjects to warrant notification.
  • Offering compensation or negotiating settlements with data subjects affected by the breach.
  • Reviewing your data protection procedures and carrying out a data protection audit to prevent future breaches from happening. We can also develop new data breach response procedures for future use.
  • Provision of staff training to highlight the importance of protecting your data from data breaches.

What our clients say

We pride ourselves on delivering an excellent service for clients, but don’t just take our word for it.

Guidance on data breach incident management:

The extent to which a data breach ultimately affects your business will often depend on how you – or your external advisors – initially react to the breach

Do you have a robust data breach crisis management plan in place?

If you don’t you should seek legal advice on how to address the possibility of regulatory intervention. If you or someone in the business discovers the breach you are required to provide details to the ICO within 72 hours. If, on the other hand someone has complained to the ICO about a breach you can expect to be contacted by the regulator and undergo some form of investigation depending on the severity of the breach.

When a breach occurs it is crucial to engage positively with the ICO. The compliance burden placed on business by GDPR is a heavy one. And in our experience the regulator recognises this. The ICO does not expect perfection. Indeed, when investigating complaints the ICO will often attach significant weight to the procedures a company has in place to meet GDPR compliance requirements.

In the course of their work on data protection breaches, our solicitors have built constructive working relationships with ICO staff. This gives us valuable insight into the way complaints are approached and incidents assessed.

What are the benefits of outsourcing data breach management procedures?

External guidance on data security breach management ensures an objective appraisal of the issues and effective engagement with the regulator where necessary.

Outsourcing breach management enables you and your employees to concentrate on your core business, confident that the breach is being handled by specialist data protection advisors.

You should expect external advisors on data breach management to have a wealth of experience in all areas of GDPR compliance. Many, like the team at Harper James, will have built collaborative relationships with key staff at the ICO enabling your case to be managed effectively.

Following a data breach incident your external advisor will recommend how you can improve your data protection policies to prevent future breaches.

Who we help: Businesses facing ICO investigation

We help businesses that are being investigated by the ICO for breaches of data protection law. In addition we proactively engage with the regulator where a client company has discovered a breach internally and is unsure of the approach to take. We work with large and small enterprises across the country in a diverse range of sectors.

Pricing plans

Our three transparent pricing packages are designed to give you the widest possible access to high-quality legal advice, whatever the size and nature of your business:


Straightforward access to senior solicitors at a competitive rate.

An affordable solution for businesses needing one-off legal support. Receive ‘City’ partner-level expertise at a fraction of ‘City’ prices.


Have legal peace of mind for £189 per month with additional support from £125 per hour.

A monthly subscription legal support package specifically designed for start-ups and smaller businesses.


Providing you with priority access to a dedicated panel of highly experienced solicitors.

Fully account managed quarterly subscription service for businesses with more complex legal needs.

What next?

Please leave us your details and we’ll contact you to discuss your situation and legal requirements. There’s no charge for your initial consultation, and no obligation to instruct us. We aim to respond to all messages received within 24 hours.

  • Your data will only be used by Harper James Solicitors. We will never sell your data and promise to keep it secure. You can find further information in our privacy policy.

  • This field is for validation purposes and should be left unchanged.

A national law firm

We mainly work remotely, so we can work with you wherever you are. But we can arrange face-to-face meeting at our offices or a location of your choosing.

Our commercial lawyers are based in or close to major cities across the UK, providing expert legal advice to clients both locally and nationally.

Floor 2, Cavendish House, 39-41 Waterloo Street, Birmingham, B2 5PP
Stirling House, Cambridge Innovation Park, Denny End Road, Waterbeach, Cambridge, CB25 9QE
10 Fitzroy Square, London, W1T 5HP
13th Floor, Piccadilly Plaza, Manchester, M1 4BT
Harwell Innovation Centre, 173 Curie Avenue, Harwell, Oxfordshire, OX11 0QG
2-5 Velocity Tower, 1 St Mary’s Square, Sheffield, S1 4LP