Under the EU's General Data Protection Regulation (GDPR), organisations must report serious data breaches to their supervisory authority. In the UK, for example, this is the ICO. While the requirement to report breaches to authorities only covers breaches that “pose a risk to the rights and freedoms of natural living persons”, organisations are required to keep a record of all personal data breaches.
Ensuring all staff report any breaches to their compliance manager or Data Protection Officer is challenging; staff may not know how to make the report, who the reporting officer is, or what the associated reporting requirements are. This can lead to breaches going unreported, which in some cases can lead to huge fines.
VinciWorks has built a best-practice reporting solution that allows staff to easily and efficiently report any data breaches or concerns. Examples of such breaches include:
All responses that require immediate action can be flagged, allowing data protection officers to easily monitor whether the breach has been fully resolved. Forms can easily be built and customised to request information relating specifically to the organisation and industry.
Administrators can either build forms themselves or use our best-practice customisable built-in forms. High-risk submissions are then automatically flagged.
Track which of your employees have reported a breach. Where more information is required, emails can be scheduled to be sent to the relevant staff.
Review flagged entries via the dashboard and take appropriate action.
Submissions can be segmented by administrators and all entries and reports can easily be exported.