1 May 2019
1 May 2019

Data breach notifications don’t need to be scary

Ever since the GDPR was introduced, the subject of data breach notifications has worried a lot of people. How do you write one? What do you need to include? What will the ramifications be? Will it make your customers run for the hills? Will it get you fired?

I’ve got news for you, courtesy of Computing.co.uk, one of the technology websites I subscribe to. They can be polite, informative, and leave a favorable impression. This is an email I received from them the other day:

The email gives the background, the details, the steps they’ve taken to mitigate the risk, the option to reset my password – everything I would want to know in just 286 words. It doesn’t pull any punches, but neither does it come across as an apology on bended knees.

The subject line to the email, incidentally, was Notification of a potential data security breach of your password. Honest, open, and enough to make me read the email – and then be reassured by the content of the email.

So if you’ve been wondering what to do if you have to write a data breach notification, a good first step is to follow the example of Computing.co.uk. They’ve done a lot of the hard work for you.

And, yes, I remain a subscriber.

If you’d like to know more about data breach notifications, there’s a fascinating article by William Brewer on Redgate’s technical journal, Simple Talk.

Related posts

Also in Audit & Compliance

Ensuring data security and regulatory compliance in the cloud

Many business solutions are migrating to the cloud due to the flexibility, scalability, and cost-saving features it offers. However, while moving to the cloud, data, systems and services can be ex...

Also in Blog

Adoption rates and key drivers for Database DevOps in Financial Services

In 2017 we launched our first report into the State of Database DevOps and have repeated it year-on-year. The responses from thousands of database professionals have given us unique insights into how ...