Data Breach Management Service

Data Breach Management Service

Identifying a data breach under the GDPR (General Data Protection Regulation) – as well as determining who has been affected, how extensive it is and how it happened – within 72 hours can pose a challenge for any organisation.

With the threat of a data breach becoming increasingly imminent, it is vital that you are prepared to respond in a crisis.

We will help you respond to an incident or data breach quickly and in line with the GDPR’s requirements so that you can resume your normal business operations with minimal disruption and hassle.

Enquire today
Price: £0.00
Excluding VAT

Get fast access to experienced GDPR consultants, cyber security experts and legal advisors

Contact our call centre for immediate assistance with all your incident or data breach response needs.
0330 9000 300


Everything you need to comply with the GDPR’s data breach reporting requirements, all in one place, at a fixed cost.

“I would like to thank you very personally for being such a steadying and calm influence on the preparation process for the initial submission and for working on Saturday to get it done and in. It was an enormous relief to have someone of your experience to draw on in the first few hours of dealing with this nasty incident.” -Client name withheld for confidentiality reasons.

What's included?

  • Dedicated support from qualified and experienced data protection subject-matter experts.
  • Creation and maintenance of a breach log as per the ICO (Information Commissioner’s Office) guidelines.
  • Virtual two-hour review of your organisation’s internal report processes to ensure breaches are recognised and reported in a timely manner.
  • Dedicated breach support in all areas of the process:

1. Reviewing and assessing the nature of the breach.

2. Making a considered decision as to whether the breach needs to be reported to the ICO.

3. Liaising with the single point of contact within your organisation.

4. Advising on the immediate steps to take to protect your organisation and its data subjects.

5. Liaising with the ICO, including responding to and following up on its questions.

6. Notifying data subjects if appropriate.

7. Forensic analysis via our trusted partners, if required (additional cost).

  • Physical or virtual attendance at internal meetings, including table-top exercises or as part of your incident response model.
  • Liaison with your organisation’s DPO (data protection officer) to ensure consistency of policies.
  • Liaison with other regulatory bodies if required by your business model.
  • Assistance with your business continuity planning and organisational learning.


How you will benefit from this service:

  • Receive expert support and advice when you need it most.
  • Stop data breaches in their tracks to limit damage.
  • Meet the GDPR’s 72-hour reporting deadline.
  • Get access to experienced GDPR consultants and legal advisors.

Sign up now to get breaches sorted quickly

With our retainer service you will already be set up as a client, with a pre-approved breach response plan and payment taken care of, meaning we can help you immediately when time is of the essence.


Breach support is available between Monday and Friday, 9:00 am to 5:30 pm, GMT/BST, in line with the Information Commissioner’s Office.

The cost of forensic investigations is not included in the price.

Key Contacts


About us

Led by our management team of experienced DPOs (data protection officers), lawyers, barristers, and information and cyber security experts, we provide DPO, breach, data privacy management, and data subject access request support, and associated non-reserved legal services.

We offer legal risk and compliance consultancy advice that you can trust, but without the burden of administrative duties and expenses that law firms must bear in order to carry out certain ‘reserved legal activities’, such as litigation, conveyancing and advocacy.


GRCI Law has completed the NHS Data Security and Protection (DSP) Toolkit online self-assessment tool which allows organisations to measure their performance against the National Data Guardian’s 10 data security standards, providing the assurance (to all NHS clients) that we are practising good data security and that personal information is handled correctly. If you process NHS patient data in any capacity, GRCI Law is able to assist you with all your data privacy requirements.

If you need assistance to become compliant with the DSP Toolkit, our sister company IT Governance Ltd offers several options to help you complete this exacting requirement.


Stay in touch

Stay up to date with the latest industry news on our blog.

Follow us on social media


Speak to an expert

If you have any queries or you’re unsure of how to progress, please get in touch with our team of experts who will be able to assist with your enquiry and provide guidance options.

Enquire today