Following the Data Protection Act 1998, the new General Data Protection Regulation (GDPR) 2018 came into force on 25 May 2018. It applies to anyone who processes, stores or is the subject of personal data.
In collecting, using, storing and disposing of data, The Evolve Trust will comply with the requirements of the GDPR that govern the processing of personal data.
A security incident that has affected the confidentiality, integrity or availability of personal data, examples below:
If there has been an incident which resulted in a potential breach of personal data, it is imperative that it is reported immediately.
In most cases it is not necessary for the trust to file a report with the ICO, and the incident (often called a 'near miss') can be managed internally, however, it is important that this decision is made by the Data Breach Committee.
If you are unsure if the incident is indeed a breach, it would be best to submit a report anyway, for the Committee to review.
If you suspect a potential breach, please download and complete the Data Breach Report Form and return it to GDPRbreach@evolvetrust.org as soon as possible.
Please include as much detail as possible so that, if required, action can be taken immediately following receipt of the report.
Alex Walker is the Data Protection Officer for The Evolve Trust. Alex can be contacted via email for any help and guidance needed around GDPR (DPO@evolvetrust.org)
Subject access requests to be forwarded to firstname.lastname@example.org