Data breach
Also known as: personal data breach, security breach
A personal data breach is a security incident that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed. Under the DPA 2020, controllers must notify the Office of the Information Commissioner within 72 hours of becoming aware of a breach where it poses a risk to data subjects' rights and freedoms.
DPA reference
Data Protection Act 2020
Related terms in Key concepts
Anonymisation
Altering personal data so that individuals can no longer be identified, directly or indirectly.
Automated decision-making
Making decisions solely by automated means, without human involvement, that significantly affect individuals.
Beneficial ownership
The natural person who ultimately owns or controls a legal entity.
Biometric data
Unique physical or behavioural characteristics used to identify an individual, such as fingerprints.