Description
This is an internal policy for your business to document the company’s backup strategy, including the identification of critical systems and data, the frequency of incremental and full backups, the responsibilities of the backup administrator, the storage of backups, restoration procedures and more. It is critical in that it often represents the company’s last line of defence against data loss stemming from a hardware failure, data corruption, or a personal data security breach incident.
You have obligations to notify the supervisory authority (the ICO in the UK) and Data Subjects of a personal data breach under Article 33 and Article 34.
A Data Controller should keep documentation of the facts of the breach so as to be able to demonstrate compliance to the ICO and to report:
- the categories of affected Data Subjects;
- a description of the likely consequences of the breach, and the measures that have been taken, or will be taken, in response to the breach;
- the approximate number of affected Data Subjects and data records; and
- the name and contact details of the DPO or other point of contact.
Undertaking effective and frequent backups will help with the above obligations.
