Discover our comprehensive data breach questionnaire, specifically designed to help organizations effectively assess and respond to data breaches. Our questionnaire covers all key aspects - from identifying the incident, to the type of data affected, to communicating with affected parties. Find out how you can precisely record the scope of the data breach, identify the perpetrator and initiate the necessary measures to notify those affected and rectify the incident. Ideal for data protection officers, IT security teams and companies looking to improve their data protection compliance. Stay one step ahead with our data protection questionnaire in the event of a data breach!
Data protection questionnaire in the event of data loss
General information
- Date and time when the data loss was detected:
- [ ] Date: _
- [ ] Time: _
- Description of the data loss:
- [ ] Brief description of the incident:
Scope of the incident
- Type of data concerned:
- [ ] Personal data
- [ ] Financial data
- [ ] Health data
- [ ] Other (please specify): ____
- Number of persons affected:
- [ ] Quantity: _
- Affected areas within the organization:
- [ ] IT department
- [ ] Personnel department
- [ ] Finance department
- [ ] Other (please specify): ____
Cause and responsibility
- Can the cause of the data loss be identified?
- [ ] Yes
- [ ] No
- [ ] Unknown
- If so, who is the polluter?
- [ ] Internal employee
- [ ] External service provider
- [ ] Third party
- [ ] Other (please specify): ____
Communication and notification
- Were the affected persons informed about the data loss?
- [ ] Yes
- [ ] No
- [ ] In preparation
- Time of notification of the persons concerned:
- [ ] Date: _
- [ ] Time: _
- Method of notification:
- [ ] Telephone
- [ ] Letter
- [ ] Personal interview
- [ ] Other (please specify): ____
Measures and follow-up steps
- What measures have been taken to remedy the incident?
- [ ] Restoring the data
- [ ] Technical corrections
- [ ] Internal investigation
- [ ] Other (please specify): ____
- Further steps planned to deal with the incident:
- [ ] ____
Documentation and reporting
- Was the incident documented?
- [ ] Yes
- [ ] No
- Is a report to the competent data protection authority required?
- [ ] Yes
- [ ] No
- [ ] Under review
- Notes and additional information:
- [ ] ____
Conclusion
Name of the person completing the form:
- [ ] ____
Date:
- [ ] ____
Signature:
- [ ] ____