Loading...

Purpose:

This document outlines the way in which Appointment Guru responds to and deals with a breach of data.

Definitions:

A data breach is when sensitive, protected or confidential information is copied, sent, looked at or used by someone who is not authorised to do so.

Procedure:

In the event that data within Appointment Guru is breached, the following steps must be followed:

Step 1: Reporting

The breach must be reported to the Information Officer immediately. Details of what information was breached, how it was breached and the persons whose data was breached must be provided to the Information Officer in writing.

Step 2: Liasion with the Information Regulator

The Information must inform the Information Regulator of the data breach as soon as possible.

Step 3: Notifying those whose personal information was breached

A list of all persons whose personal data was breached must be collated. Written notice must be sent out informing them of the details of the breach including what information may have been breached and what steps are being put in place to increase security regarding their personal information.