1. Initial information gathering
• what has happened;
• when and how you found out about the breach;
• the people that have been or may be affected by the breach;
• what you are doing as a result of the breach; and
• who else you have told.
To ensure that the evaluation is appropriate and to help the Assurance and Data Protection Office provide the most effective support to you. Please provide as much information as possible and ensure it is as accurate and detailed as possible.
For completion by the Assurance and Data Protection Office
a. Follow up/interim
b. Conclusion/Lessons Learned Article, 33(5) record