3 best practices to prevent data leaks
Last Updated on 2/2/21
More than 281,000 data breach notifications were reported across the 28 European Union Member States plus Norway, Iceland and Liechtenstein between 25 May 2018, when the GDPR came into effect, and January 27th of 2021, according to DLA Piper's GDPR Data Breach Survey 2021. The 2020 report shows an increase of 19% compared to last year's report.
Article 33 of the GDPR requires companies to notify the supervisory authority of a personal data breach not later than 72 hours after becoming aware of it.
What exactly should be done in the event of a data breach?
We cannot emphasize often enough how important it is to take immediate action. But do we also know exactly what needs to be done? Here is a reminder:
Step-by-step plan: what to do in case of a data breach?
- Make sure you have an overview of what happened: what data was leaked and who had access to it?
- Limit the damage: are there any measures you can take now to prevent it from getting worse?
- Do you have to report it to the supervisory authority? Not all leaks need to be reported.
- Do you have to notify the persons involved? If so, do it as soon as possible.
- Register the data leak - this is done in your mandatory data leak register.
How can you prevent data breaches?
Fortunately, it does not have to go that far for most organizations. Data leaks can be prevented with the right measures. Earlier, we shared some tips with you on how to prevent data leaks. Those tips zoom in on existing problems, such as the unsecured sending of sensitive information, or working on public networks, which makes your connected devices easily accessible to unauthorized persons.
However, there is more you can do and look out for. When we look at the nature of the data breaches, we see many recurring patterns. Sending data to the wrong person is the biggest cause of data leaks in Europe. That is a shame, because it means that the data loss was not caused by, for example, a phishing attack from the outside. No, most data breaches are caused by human errors.
Three pillars, one goal: avoid human errors
Fortunately, secure emailing solutions offer functionality that can limit these human errors and let you maintain as much control as possible over the exchange of sensitive information during the entire email process. Three parts, or pillars, are important here:
- Usability: In most cases, a system that is complicated to use will not be used (correctly).
- Awareness: Those who consciously handle the processing of sensitive data will in turn do so in the correct manner.
- Control: Stay in control of data leaving your organization.
A combination of these pillars will ensure that the chance of a data breach can be limited.
Would you like to know more about how to prevent data leaks?
Sharing information unintentionally with the wrong recipient remains the biggest cause of data leaks. In this whitepaper, you’ll find the 3 best practices to avoid data leaking out of your organization.