
- Go Privacy Management > Incident and Breach Management.
- Click on ‘+ add incident’.

1. Basic incident details
- Provide the Incident name by filling out the ‘Incident name’ field.
- Fill out the ‘Incident reported by’ field.
- If necessary change the ‘Incident submitted by’ field.
- Select the Incident category from the ‘Incident category’ list.
- Select the Incident detection date, by selecting a date in the box.
- Select the Incident reported date, by selecting a date in the box.
- Provide more information in the ‘Incident description’ field.
- Upload Relevant documentation by clicking on browse file or dropping the file into the field.
2. Incident data/Processing context
- Select the incident origin, from the ‘Incident origin’ list.
- In case you selected internal; select the Involved department(s) and office(s) from the ‘Involved department(s)’ list and the ‘Involved office(s)’ list.
- In case you selected external; select the Involved stakeholder(s) from the ‘Involved stakeholder(s)’ list.
- Select your role within the incident as ‘controller’ or ‘processor’.
- Indicate whether or not personal data is leaked. In case you selected ‘no’ please continu to the summary page (point 6). If you selected ‘yes’ continue reading.
- Select involved Data Subjects by filtering on a process and/or processing activity.
- The default amount and location of the data subjects involved will automatically filled out. Edit if necessary.
- Select involved IM Systems by filtering on a process and/or processing activity.
- Select the involved data attributes by filtering on a process and/or processing activity.
- Fill out the questions about the involved data in the breach by selecting an answer from the list.
- Click on the ‘+’ sign to provide a justification.
- Fill out the questions about additional increasing/decreasing impact context factors.
3. Ease of identification
- Select the relevant answer on how easy the data subject could be identified based on the leaked data, by selecting the applicable box.
- Provide a justification in the free text field.
4. Circumstances of the breach
- Check if other potential impact increasing factors are relevant by selecting the items that apply to your breach.
- Provide a justification in the free text field.
5. Projected impact
- RESPONSUM will provide you a calculated impact. The result calculated is based on a generally defined weight linked to the questions you answered earlier in the root cause analysis.
- Make a final decision, by selecting ‘yes’ or ‘no’ from the list.
- Provide additional increasing or decreasing parameters by clicking on the ‘+’ sign. Provide a name and a description. Click ‘OK’.
- If the calculated score is rejected, provide the updated impact score.
6. Summary
- If necessary, provide some extra information.
- Click ‘Save’ or ‘Save & exit’