How we can help: Efficient, cost-effective management of ICO complaints, data breaches and related incidents
Our data protection solicitors can step in when needed to provide essential guidance on data breach incident management. We can handle the following on your behalf:
- Checking and verifying if a data breach has occurred. Not every data breach needs to be reported. We’ll act proportionately to assess whether the breach presents a risk to an individual’s rights and advise on whether reporting is necessary.
- ICO data breach reporting. As soon as an incident comes to light, we’ll provide ICO with follow up information relating to the extent of the breach and the number of individuals affected.
- Engaging with ICO staff to mitigate the fallout from the breach.
- Notifying data subjects following discussion with the ICO to assess whether there is a sufficiently high risk to data subjects to warrant notification.
- Offering compensation or negotiating settlements with data subjects affected by the breach.
- Reviewing your data protection procedures and carrying out a data protection audit to prevent future breaches from happening. We can also develop new data breach response procedures for future use.
- Provision of staff training to highlight the importance of protecting your data from data breaches.
Guidance on data breach incident management:
The extent to which a data breach ultimately affects your business will often depend on how you – or your external advisors – initially react to the breach.
Do you have a robust data breach crisis management plan in place?
If you don’t you should seek legal advice on how to address the possibility of regulatory intervention. If you or someone in the business discovers the breach you are required to provide details to the ICO within 72 hours. If, on the other hand someone has complained to the ICO about a breach you can expect to be contacted by the regulator and undergo some form of investigation depending on the severity of the breach.
When a breach occurs it is crucial to engage positively with the ICO. The compliance burden placed on business by GDPR is a heavy one. And in our experience the regulator recognises this. The ICO does not expect perfection. Indeed, when investigating complaints the ICO will often attach significant weight to the procedures a company has in place to meet GDPR compliance requirements.
In the course of their work on data protection breaches, our solicitors have built constructive working relationships with ICO staff. This gives us valuable insight into the way complaints are approached and incidents assessed.
What are the benefits of outsourcing data breach management procedures?
External guidance on data security breach management ensures an objective appraisal of the issues and effective engagement with the regulator where necessary.
Reduce business disruption
Outsourcing breach management enables you and your employees to concentrate on your core business, confident that the breach is being handled by specialist data protection advisors.
Access to expertise
You should expect external advisors on data breach management to have a wealth of experience in all areas of GDPR compliance. Many, like the team at Harper James, will have built collaborative relationships with key staff at the ICO enabling your case to be managed effectively.
Improve data protection policies
Following a data breach incident your external advisor will recommend how you can improve your data protection policies to prevent future breaches.
Who we help: Businesses facing ICO investigation
We help businesses that are being investigated by the ICO for breaches of data protection law. In addition we proactively engage with the regulator where a client company has discovered a breach internally and is unsure of the approach to take. We work with large and small enterprises across the country in a diverse range of sectors.
Why choose Harper James Solicitors?
We have a team-based approach so every client benefits from a real depth of expertise. We are also used to working with businesses of all sizes so we can offer a level of service that’s right for you. We’ve worked at some of the most prestigious law firms in the country as well as in industry so you can expect high quality, commercially astute advice at all times.
Find out more about the team here:
Data protection and privacy solicitor
With a wealth of expertise in privacy, data protection, GDPR and cyber-security law, Clive’s distinguished legal career spans three decades in private practice and the public sector.View profile
IP & Commercial Technology Partner
Before joining us Rob worked for Santander bank as an IP/brand management lawyer and also at Shakespeare Martineau.View profile
Our three transparent pricing packages are designed to give you the widest possible access to high-quality legal advice, whatever the size and nature of your business:
Straightforward access to senior solicitors at a competitive rate.
An affordable solution for businesses needing one-off legal support. Receive ‘City’ partner-level expertise at a fraction of ‘City’ prices.
Have legal peace of mind for £189 per month with additional support from £99 per hour.
A monthly subscription legal support package specifically designed for start-ups and smaller businesses.
For businesses requiring 60+ hours of support a year, with prices equivalent to £99 per hour.
Fully account managed quarterly subscription service for businesses with more complex legal needs.