All security incidents are addressed in a consistent manner to improve security based on what has happened.
In the incident treatment process:
A process for reporting incidents is maintained to help staff report incidents efficiently and consistently.
Things to report as an incident include e.g.:
The personnel guidelines emphasize the obligation to report security incidents as soon as possible in accordance with the agreed process. The instructions also describe other actions to take in the event of an incident (e.g. recording any error messages seen and other details).
The organization must document all personal data breaches and their consequences and the corrective actions taken, regardless of the action ultimately resulting from the breach.
Failure to comply with the documentation or notification obligation is contrary to the GDPR and may lead to sanctions defined in the regulation.
The organization must have a process for reporting to the competent security authority any security breach that has endangered, or is suspected of endangering, internationally classified information.
The organization must also have guidelines and procedures for detecting security breaches that have compromised classified information and for reporting them within the organization, including to whom a security breach or suspicion thereof should be reported. In addition, it must be clear what kinds of data security deviations require contacting the authorities.
Security classified information is considered compromised when it has been revealed or could have been revealed to outsiders as a result of a data security incident. Several data owners (e.g. the EU) as well as valid authority approvals require immediate notification of deviations or suspicions that endanger classified information.