What to do if you lose personal data

What to Do if You Lose Personal Data



If your laptop computer is lost, ideally you would like it to be found and returned. As a condition of the insurance it would also be essential to report the matter to the police.

Imagine that the laptop is found by an honest individual who hands it in at a police station: the police would hack into the laptop to ascertain who it belongs to.

If they can access your personal data on the laptop then they must report the matter to the Information Commissioner’s Office (ICO). The laptop is likely to be returned, along with an unwelcome fine, and attention from the ICO.

On the other hand, imagine that the laptop never turns up, but suddenly people you deal with are suffering from identity theft problems. The problems will be traced eventually to your door, along with a visit from the ICO.

In the event that personal data held by you is lost through theft, a deliberate attack, unauthorised use of personal data, accidental loss or equipment failure, then you must respond to the breach appropriately and with a strategy.

The strategy needs to consist of:

  • A recovery plan, including damage limitation.
  • A re-assessment of the risks related to the breach.
  • Informing the appropriate people and organisations to which the breach has occurred, including the ICO.
  • A review of your response and an update to your information security.