Data Breach Response Checklist

Generate a data breach response plan and notification checklist

Organization Name

Breach Type

Data Types Affected

Estimated People Affected

Jurisdiction

Result

Response Checklist

IMMEDIATE (0-24 hours):
1. Contain the breach - isolate affected systems
2. Preserve evidence - do not delete logs or affected data
3. Assemble incident response team
4. Document timeline of events
5. Assess scope and nature of compromised data

SHORT-TERM (24-72 hours):
6. Notify legal counsel
7. Determine notification obligations
8. GDPR: Notify supervisory authority within 72 hours
9. Check state-specific breach notification laws
10. Prepare notification to affected individuals
11. Engage forensic investigators if needed

MEDIUM-TERM (1-4 weeks):
12. Send breach notifications to affected individuals
13. Offer credit monitoring if financial/identity data exposed
14. Issue public statement if required
15. Implement immediate security improvements

LONG-TERM:
16. Conduct full post-incident review
17. Update security policies and procedures
18. Provide additional staff training
19. Document lessons learned

Breach SummaryUnauthorized Access affecting pii data for ~Unknown individuals

Severity

Medium

Notification Timeline72 hours for authority notification

Related Tools

GDPR Compliance Checklist

Assess your GDPR compliance

Generate a privacy policy