Breach Incident Management

Breach Incident Management

An eLearning module addressing these issues:

Recent data breaches have caused huge issues. Facebook, LivingSocial, Hilton, Neiman Marcus and Talk-Talk are a few examples of major breaches, their enormous consequential costs and reputational damage. Customers were left exposed to identity theft, major inconvenience and potential financial loss.

New privacy regulations, such as GDPR, pay particular attention to prevention and management of breaches and loss. It is now a Board level issue. The creation and maintenance of the Breach Incident Management Plan is critical for organisations. Fast response to breaches, notification to impacted consumers and the appropriate regulatory authority is critical to prevent further damage or loss. Collection of information about breaches, communicating and sharing intelligence is a crucial part of the plan. 

Failure in this area will attract sanctions and fines. 

Many organisations only have a basic plan that is not updated regularly. According to Experian's Third-Annual Preparedness study, only 25 percent of organisations update their plan once or twice a year, and 35 percent haven’t updated or reviewed their plan since it was put in place. In a rapidly developing cyber world this is not good enough.   

In this course, we concentrate on the important aspects of breach incident management in the context of new General Data Protection regulation and global challenges. 

This module is part of the EDMworks Data Management Agenda for Privacy

Completion of the course will provide the delegate with:

- Information on leading cases of data breaches, consequences and damages

- An approach to defining and analysing the data breaches

- An approach to understanding and assessing the risks and cyber threats facing the organisation

- A practical method for developing and executing security and breach incident response plans

- An approach to minimise the potential loss and reputational damage

- Ensuring compliance with the data protection rules and requirements

The course is structured into the following components:

The course is segmented into two modules. The contents of the modules are described in the course contents.

The course consists of:

- A one day seminar/workshop, highly interactive with case study exercises and feedback

- An eLearning self-paced module on the General Data Protection Regulation to provide background on GDPR and managing data about people

Duration and timing

The workshop is a full day from 9-5pm.

The eLearning module has an approximate duration of 1 hour.

On-line certification

The workshop has a certificate of completion.

The eLearning module has an optional certification test.


On the eLearning modules there are self-assessments in each module that you can take as many times as you like.

This is confidential and does not form part of your test score.

On successful completion, a certificate is issued and an on-line record of achievement is maintained in our register

Global availability

The course modules and certification test are globally available without restriction.

They can be accessed 24/7.


The cost of the course for one delegate is GBP 650 includes the workshop and two eLearning courses (approx value GBP 200.00) (plus VAT where applicable). 


When making payment you will be presented with several different PayPal options. Please choose the right one for you. If you have any queries, please contact us at


If you would like to pay against an invoice then please email us with Purchase Order details at

Corporate Rates

If you are interested in making a bulk corporate order, please email for more information.

This provides the delegate with:

- The workshop and eLearning Courses

- A recognised certificate

- Entries in the EDMworks Register

- The option to make this record public for job requirements

Course Contents

The regulatory framework (supplementary eLearning)

- Scope, objectives, principles and rights

- Obligations, roles and accountabilities

- Transfers and contracts

- Liabilities and penalties

- Privacy by design and default

- Privacy Impact Assessments

- Breach Incident Management

- Self regulatory aspects and liaison with supervisors

- Examples of other self-regulatory regulations

Where is the data we are protecting

- Data at the heart. Interaction with process and management

- Data flows and stores

- Data architecture and systems inventory

Data Breaches Background

- Data Breaches: history and examples

- Costs of data breach

What is personal data breach?

- Defining the scope of personal data

- Personal Data Breach

Reasons for data breach

- Risks of organisations

Breach Management Plan

- Incident Management

- Risk Management

- Notification of breaches

- Breach situations

- Evaluation and response

Prevention of data breaches

- Strategies for prevention of data breaches

- Roles and Responsibilities

Last modified: Monday, 26 September 2016, 2:15 PM