Reporting Serious Data Protection Incidents

Published: Friday 15 May 2015 - 09:15

Charity Commission guidance makes clear that data protection breaches should be reported as Serious Incidents.


Research by Data Protection specialists and ACEVO partner Protecture confirms that the Charity Commission has received 27 Serious Incident reports on data protection breaches in the last two years. Examples include personal information being lost and stolen; employees gaining unauthorised access to personal information or making accidental disclosures, as well as breaches of IT systems.

Information is a key asset: managing data protection risk should be a high priority for any Trustee looking to ensure that the reputation of their charity remains strong. Please see Protecture’s infographic for more information and their free review offer.