Time/Date of breach incident: |
||
|---|---|---|
Name & contact details of reporter [for further incident information if required] |
||
Nature of breach: [include categories, approximate numbers of data subjects & approx. number of personal records concerned e.g. patients/service users; whether breach included health, antecedent or other sensitive info |
||
| Is breach likely to result in risks to freedoms of the data subject(s)? | No No further action, file and retain report for audit/send DPO copy. |
Yes Complete additional information below and submit to Data Protection Officer within 36hrs of incident notification |
| Name and contact details of Information Asset Owner | ||
| Detail likely consequences of breach | ||
Details measures taken to address the breach: [include appropriate remedial measures taken to mitigate potential adverse effects) |
||
| If breach considered “high risk” detail reasonable options to notify data subject | ||
| Estimated recovery period | ||
| Time & Date submitted to the Data Protection Officer
[must be submitted within 36hrs of notification] |
||
Was this page helpful?
Help us improve cfa.nhs.uk
Tell us what's happened so we can fix the problem. Please do not provide any personal, identifiable or sensitive information.