Skip To The Main Content

What should you do in the event of a data protection breach?

  • Blog
  • 30 January 2017

Your business’s responsibility to protect any information it holds on behalf of its staff, suppliers and customers, is important and outlined within The Data Protection Act.

A data protection breach can be the result of you failing to uphold the principles of the Data Protection Act, or it can be the result of a cybercrime, such as hacking, which puts data at risk.

But what should you, as a business owner, do if you fall victim to a data protection breach, like a cybercrime? This blog aims to help.

What should you do in the event of a data protection breach?


If your business has been the victim of a data breach, it’s important that you report it to the relevant authorities.

The data taken could be utilised to defraud people. So it’s important to work with experts to ascertain what information has been accessed, if that information has been copied, and understand the risks posed as a result of it being taken.

Contacting affected parties

You should also contact the people whose data has been affected. This could be a case of contacting individual parties, or providing advice to all your users, or customers, about how to resecure their data as a result of the breach.

This could be a simple change of password. Also, consider sending warnings about phishing scams and explain what information may have been accessed. Even if nothing has been taken, it’s often worthwhile reassuring people that their data is safe and steps are being taken to make it more secure.


In serious cases, affected parties can pursue compensation. Depending on the number of people who do this and the severity of the data breach, multiple compensation claims can be costly.

The results of a poorly handled data breach can be much more than financially damaging. A business’s reputation can be affected, which can hinder a company, especially if it operates digitally and stores personal data, like customers’ contact details. A history of failing to protect that data could cause potential customers to look elsewhere.

The Data Protection Act should always be taken into account. Failing to comply with the act can leave your business open to hefty fines and potential jail terms.

How can FSB help with data protection?

Data protection is crucial; any breaches can pose a serious legal problem for a business. FSB members receive access to our Legal Protection Scheme, which provides access to a range of useful services. This includes:

  • 24-hour Legal Advice helpline
  • Legal costs insurance, covering a range of areas, including Data Protection Prosecution
  • Our online Legal Information Hub, providing a comprehensive range of support materials

To find out more about data protection, or how else our legal protection services can benefit your business, get in touch with a member of our team or visit our FSB Legal Protection Scheme page.

Legal Protection Scheme from FSB

Legal protection covers various scenarios and ensures you and your business are covered

Find out more