GDPR Breach Procedure – purpose of the procedure

This procedure must be used in conjunction with our Confidentiality & Data Protection policy. The procedure sets out the process for managing breaches of personal and sensitive data as required by the Data Protection Act 2018 and the General Data Protection Regulations .The Confidentiality & Data Protection policy requires us to process personal data in accordance with specific principles under the GDPR, which all our staff and Board members are expected to comply with.  Details of the data protection principles are described in the Confidentiality & Data Protection policy.