Data Breach Policy

1. Policy Statement

Eurasia Educational Dynamics (EED) is committed to maintaining the confidentiality, integrity, and availability of all data entrusted to us, including personal information provided by delegates. In the event of a data breach, EED will take prompt and appropriate action to mitigate the impact on affected individuals and prevent further unauthorised access or disclosure.

2. Definition of a Data Breach

A data breach is defined as any unauthorised access, acquisition, disclosure, or use of personal information that compromises the security, confidentiality, or integrity of such information. This includes incidents resulting from external cyber-attacks, insider threats, human error, or other unauthorised activities.

3. Reporting Procedure

Any staff member who becomes aware of or suspects a data breach must immediately report it to the designated data protection contact. The report should include details of the breach, including the nature of the incident, the type of data affected, and any potential impact on individuals or the organisation.

4. Assessment and Investigation

Upon receiving a report of a data breach, the DPO or designated data protection contact will conduct a thorough assessment and investigation to determine the scope and severity of the breach. This may involve gathering evidence, interviewing relevant parties, and consulting with internal and external experts as necessary.

5. Notification of Affected Parties

If it is determined that the data breach poses a risk to the rights and freedoms of affected individuals, EED will promptly notify them of the breach in accordance with applicable data protection laws and regulations. This notification will include details of the breach, the type of data affected, and any steps individuals can take to mitigate the impact of the breach.

6. Remediation and Response

Following notification, EED will take all necessary steps to remediate the data breach and prevent any further unauthorised access or disclosure. This may include implementing additional security measures, providing affected individuals with access to support services, and cooperating with relevant authorities as required.

7. Review and Continuous Improvement

After resolving the data breach, EED will conduct a thorough review and analysis of the incident to identify any underlying causes or contributing factors. Based on this review, EED will implement any necessary changes to policies, procedures, or systems to prevent similar incidents from occurring in the future.

8. Compliance and Accountability

All staff members are expected to comply with this Data Breach Policy and take reasonable steps to protect personal information from unauthorised access, disclosure, or misuse. Failure to comply with this policy may result in disciplinary action, up to and including termination of employment.

9. Contact 

For any questions or concerns regarding this Data Breach Policy or the handling of personal information, individuals may contact the us directly.

10. Policy Review

This Data Breach Policy will be reviewed regularly to ensure its effectiveness and compliance with applicable laws and regulations. Any updates or revisions to the policy will be communicated to staff members in a timely manner.