Vaguely updating a committee a while after an incident doesn’t seem like it’s in line with what you’re meant to do under GDPR in the event of a data breach. I’d hope there are some follow up questions fairly urgently on this.
Also, how ridiculous is it that Welsh LAs set up a data management company only for it to lose that data. You literally had one job.
1 comment
Vaguely updating a committee a while after an incident doesn’t seem like it’s in line with what you’re meant to do under GDPR in the event of a data breach. I’d hope there are some follow up questions fairly urgently on this.
Also, how ridiculous is it that Welsh LAs set up a data management company only for it to lose that data. You literally had one job.
Comments are closed.