Intercept’s Procedures for Handling Data Breaches and Security Incidents
Preparation
Intercept ensures that all employees are well-prepared to handle potential security incidents through regular training and awareness programs. The company maintains an up-to-date incident response plan, which outlines the roles and responsibilities of each team member during an incident.
Detection and Reporting
Intercept employs advanced monitoring tools and techniques to detect unusual activities or potential security breaches. Employees are encouraged to report any suspicious activities immediately. Once a potential incident is detected, it is logged and categorized based on its severity and impact.
Determining Data Breach
To determine a personal data breach, Intercept uses the GDPR and the guidelines for data breach notification as a reference.
Data Breach Notification Obligation
The GDPR requires that any data breaches be reported to the Dutch Data Protection Authority (AP) by the data controller. Therefore, Intercept does not report to the AP itself. The AP's data breach notification policy provides more information on this. Intercept requests that if you make a (preliminary) report to the AP and/or the data subject(s) about a data breach at Intercept, you inform us first. Intercept can then work with you to make the right decisions regarding the actions to be taken.
Containment
Upon identifying a security incident, Intercept’s first priority is to contain the threat to prevent further damage. This may involve isolating affected systems, disabling compromised accounts, or blocking malicious traffic. Quick containment helps minimize the impact of the incident.
Notification to the Customer
When Intercept becomes aware of a security incident or data breach, you will be informed as soon as possible. Intercept staff will create an incident in the service portal for this purpose. Intercept expects your cooperation as a customer.
Notification Timeline
According to the GDPR, a security breach must be reported "without undue delay." The AP interprets this as without unnecessary delay and, if feasible, no later than 72 hours after discovery by the controller. In the event of a security incident, Intercept will inform you as soon as possible, but no later than 48 hours after discovery. You must determine whether the security incident qualifies as a 'data breach' and if notification to the AP is required. After being informed by Intercept, you have 72 hours to make this assessment.
Providing Information
Intercept always strives to provide you with all necessary information for a potential report to the AP and/or the data subject(s) within a timely fashion.
Eradication
After containment, the next step is to eradicate the root cause of the incident. This involves removing malware, closing vulnerabilities, and ensuring that no traces of the threat remain in the system. Intercept conducts thorough investigations to understand how the breach occurred and to prevent future incidents.
Recovery
Once the threat is eradicated, Intercept focuses on restoring affected systems and services to normal operation. This includes recovering data from backups, patching systems, and conducting thorough testing to ensure that all systems are secure and functioning correctly.
Post-Incident Review
After the incident is resolved, Intercept conducts a detailed post-incident review to analyze the response and identify any areas for improvement. Lessons learned from the incident are documented and used to update the incident response plan and improve overall security measures.
Communication
Throughout the incident response process, clear and timely communication is maintained with all relevant stakeholders. Intercept ensures that affected parties are informed about the incident, the steps being taken to address it, and any actions they need to take.
This structured approach ensures that Intercept can effectively manage and mitigate the impact of data breaches and security incidents, maintaining the trust and confidence of its clients and stakeholders. If you need more details or have specific questions, feel free to ask.