EQUIANO GROUP OBJECTIVES:

Provide as much context about a breach as possible – including the initial damage, its affect and what caused it.

Determine the categories of [personal] data that has been breached, and the number of records affected.

Describe the impact and outline the consequences of the breach for affected parties. This will depend on the information that was compromised.

Training and awareness: to help prepare for a potential future breach, to include data protection training every 12 months 

Preventive measures to outline what (if any) new steps can be put in place to help prevent a future breach occurring; identifying steps taken or planned to mitigate the damage.

Oversight and provision to produce as much information as possible within 72 hours, and  demonstrate that progress is being made with transparent and clear communication with ICO