Procedures in the event of personal data breaches

From an operational perspective, financial services providers need a process to respond quickly to personal data breaches and to inform regulators, affected clients and other stakeholders in a timely manner. The required procedures and measures, which sometimes involve the disclosure of the data concerned, entail significant operational and financial risks. Organisations are therefore well advised to draw on the experience of professional service providers for legal advice and for the planning and execution of the necessary procedures and measures.