Security Incident Management and Personal Data Breach Handling

Has the supplier established procedures for handling personal data breaches (security incidents)?

Yes, there is a formal process in place for handling all personal data breaches and security incidents. All breaches of personal data and security incidents are reported to management, recorded, and managed by designated personnel.

We have documented and implemented ISMS-03 Security Incident Management. We maintain full documentation, including supervisory documentation, under which ISMS-03 Appendix 1 Breach and Incident Register for Personal Data Protection at VERCOM S.A.

Is there a record of breaches being maintained?

Yes, we maintain a Register of Security Incidents and Personal Data Protection Incidents.

Has a supervisory authority or court issued a final decision finding a violation of personal data protection by the provider?

No.

PreviousBusiness Continuity NextInformation Classification

Last updated 1 year ago