Printer Friendly, PDF & Email

Two years of GDPR: The security breach lessons we've learned

Jonathan Armstrong ( is Partner at London-based Cordery.

Dealing with a security breach, even in these unusual times, is the toughest aspect of a compliance professional’s job. Since we’ve passed the second anniversary of the General Data Protection Regulation[1] (GDPR), I thought it might be interesting to share some of the lessons—the top ten tips—that my organization has learned from handling security breaches across the European Union. We have also included some public cases from around the EU and further afield to illustrate some of the points we are making. In some cases, we have used pre-GDPR cases where we think they are instructive. Most of these lessons seem like common sense, but it will be to your advantage to review them as a checklist to make sure your processes are robust.

This document is only available to members. Please log in or become a member.