Ga naar inhoud

Help, a data breach! What now?

A data breach or cyber incident can hit prepared organisations too. This help route gives structure: stabilise first, then decide what to report and what to record.

Book an informal conversation

ISO Ready helps you align policy, risk, and evidence — without endless document churn.

Review your ISMS approach in ISO Ready

Help, a data breach! When things go wrong despite preparation, use this route — linked to your ISMS and privacy processes. Educational only — not legal advice.

Help route

  1. First actions
  2. Reporting (DPA, NCSC, individuals)
  3. Notification content & register
  4. 13-step plan

Context: GDPR, NIS2, Cyber Security Act NL, incident response playbook.

Key takeaways

  • Containment and logging before external communications.
  • DPA notification within 72 hours when GDPR requires it; NCSC timing may apply under NIS2.
  • Document every incident internally — even when no external report is required.
  • One timeline and one register supports supervision and ISO audits.

Veelgestelde vragen

Is this legal advice?
No — educational routing only. Confirm obligations with your DPO or counsel.

Run the ISO 27001 readiness scan

See where you stand before investing in documents or consultants.

Start the readiness scan