Breach response checklist
A personal data incident becomes worse when nobody knows who owns the response.
Response flow
- Detect and report internally.
- Contain the exposure or access.
- Preserve logs and evidence.
- Identify affected systems and data categories.
- Assess affected individuals and likely consequences.
- Escalate to leadership and counsel where required.
- Prepare communication and notification material.
- Fix the root cause.
- Document the timeline and decisions.
Train for ordinary failures
Many incidents are mundane: a spreadsheet sent to the wrong person, an exposed drive folder, a contractor with excess access, an old admin account, a leaked database backup, or a marketing upload that was not reviewed.
The process should make those incidents easy to report quickly.