Data Breach Response Policy

A policy to provide a process to report suspected thefts involving data, data breaches or exposures. Easy to edit template document in Word

Free Download
template file type image
.docx (0.02 MB)


By using the editable Word template provided, you will be able to easily develop a data breach response policy to provide a process to report suspected thefts involving data, data breaches or exposures (including unauthorized access, use, or disclosure) to appropriate individuals; and to outline the response to a confirmed theft, data breach or exposure based on the type of data involved.

The template includes the following sections:

  1. Purpose: Clear definition what the goal is of the policy/document. 
  2. Background: Information about why this policy was created.
  3. Scope: What is and what is not included.
  4. Cooperation:  With whom and wow to cooperate 3th parties in case case of a data breach.
  5. Communication plan: How to communicate in case of a data breach.
  6. Ownership and responsibilities.
  7. Enforcement.
  8. Definition. List of all definitions including explanation.

Example extract of the document:

Data Breach Response Policy


This policy mandates that any individual who suspects that a theft, breach, or exposure of {{organization-name}} Protected data or {{organization-name}} Sensitive data has occurred must immediately describe what occurred via e-mail to {{helpdesk-email}}, by calling {{helpdesk-tel}}, or through the use of the help desk reporting web page at {{helpdesk-web}}. This e-mail address, phone number, and web page are monitored by the {{organization-name}}’s Information Security Administrator. This team will investigate all reported thefts, data breaches, and exposures to confirm if a theft, breach, or exposure has occurred. If a theft, breach, or exposure has occurred, the Information Security Administrator will follow the appropriate procedure in place.

The content is for informational purposes only, you should not construe any such information or other material as legal, tax, investment, financial, or other advice. Nothing contained this site constitutes a solicitation, recommendation, endorsement, or offer by Bizzlibrary or any third party service provider to buy or sell any securities or other financial instruments in this or in any other jurisdiction in which such solicitation or offer would be unlawful under the securities laws of such jurisdiction.


Shella Barber - GBR

Very good file, I will check your documents more often

GDPR Documents

GDPR Documents

Is your organisation GDPR proof? Demonstrate your efforts in order to become compliant with the GDPR with this set of mandatory compliance document templates.

Learn More About GDPR Documents

Our Latest Blog

Related keywords