When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this to test whether privacy breach notification obligations are known and can be acted on quickly. Verify specific legal deadlines and content requirements against official legal advice or current law before use.
Checklist
- Applicable notification requirements identified.
- Breach assessment owner assigned.
- Customer/client contractual notification requirements identified.
- Regulator/data subject notification triggers documented.
- Internal escalation route tested.
- Evidence needed for notification decision defined.
- Draft notification templates reviewed by legal/privacy owner.
- Incident response procedure links to privacy notification assessment.
Related notes
- Template
- Iso27001
- Privacy
- Incident management
Note Metadata
Aliases: PII Breach Notification Checklist
Source: 90 Templates/Privacy Breach Notification Readiness Checklist.md