The problem

Under the EU's General Data Protection Regulation (GDPR), organisations must report serious data breaches to their supervisory authority. In the UK, for example, this is the ICO. While the requirement to report breaches to authorities only covers breaches that “pose a risk to the rights and freedoms of natural living persons”, organisations are required to keep a record of all personal data breaches.

Ensuring all staff report any breaches to their compliance manager or Data Protection Officer is challenging; staff may not know how to make the report, who the reporting officer is and the associated reporting requirements. This can lead to breaches going unreported, which in some cases can lead to huge fines.

The solution

VinciWorks has built a best-practice reporting solution that allows staff to easily and efficiently report any data breaches or concerns. Examples of such breaches include:

  • Access to personal information by an unauthorised third party
  • Accidentally sending personal data to the wrong person
  • Losing devices that contain personal information
  • Altering personal data without permission
  • Losing personal data

All responses that require immediate action can be flagged, allowing data protection officers to easily monitor whether the breach has fully been resolved. Forms can easily be built and customised to request information relating specifically to the organisation and industry.

Create forms, track and manage reports on one platform


Administrators can either build forms themselves or use our best-practice customisable built-in forms. High risk submissions are then automatically flagged.


Track which of your employees have reported a breach. Where more information is required, emails can be scheduled to be sent to the relevant staff.

Review and resolve

Review flagged entries via the dashboard and take appropriate action.

Manage reports

Submissions can be segmented by administrators and all entries and reports can easily be exported.

Contact us to book a demo