All staff, volunteers and governors need to be aware of what to do in the event of a DPA / UK GDPR breach and we have a documented procedure to follow in such an event.

Most breaches, aside from cybercriminal attacks, occur as a result of human error. They are not malicious in origin and if quickly reported are often manageable.

We ensure through regular training that everyone understands that if a breach occurs it must be swiftly reported.

Data Breach and Non-Compliance Procedure

• Data Breach and Non-Compliance Procedure.pdf