With the GDPR now in force, companies have 72 hours to report a data breach, with potentially ruinous penalties should they fail to comply. Failure to demonstrate and document precautions taken, as well as the way a company responds to a breach, will define its future and that of the management team. At FTI Consulting we’ve been trusted by corporations around the globe to handle both their most challenging crisis events, and to ensure that they are suitably prepared to respond before the event arises.
Companies may need to respond to GDPR crisis events such as:
- Data breach or cyber incident involving European personal data, such as employee theft, lost laptop and inappropriate sharing to a third party
- Data protection authority enforcement action or investigation
- Responding to data subject rights including right of access, rectification, erasure, portability