Data Security Breach

DATA SECURITY BREACH PROCEDURE (Jan 2026)

Entities: LD Consultores C.A. & León & Associated Attorneys at Law Ltd.

Objective: To ensure a consistent and effective response to any actual or suspected breach of data security.

1. Definition of a Data Security Breach

A data security breach is any incident that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal or sensitive data. Examples include:

  • Loss or theft of physical records or hardware (laptops, mobile phones).
  • Unauthorized access to cloud-based payroll or legal systems.
  • Sending sensitive information to an incorrect recipient.
  • Cyberattacks, such as ransomware or phishing, that compromise data integrity.

2. Immediate Response (Containment and Recovery)

Upon discovery of a suspected breach, the following steps must be taken immediately:

  • Initial Internal Reporting: Any staff member discovering a potential breach must report it immediately to the firm’s Compliance Officer or Managing Partners.
  • Containment: The technical team will take immediate steps to stop further data loss, such as isolating compromised systems, changing passwords, or suspending affected accounts.
  • Recovery: Where possible, the team will attempt to recover lost data from secure, encrypted cloud backups.

3. Assessment of Risk

The Compliance Officer will conduct a formal investigation to determine:

  • The Type of Data Involved: Whether the breach affects sensitive payroll information, tax records, or legal documentation.
  • The Scale of the Breach: The number of individuals (candidates, employees, or clients) affected.
  • The Potential Impact: Assessing the risk of financial loss, identity theft, or reputational damage to affected parties.

4. Notification Protocol

Notification is governed by the risk to individuals and jurisdictional legal requirements:

  • To the Regulator (ICO): For UK-based data, if the breach is likely to result in a risk to individuals, it must be reported to the Information Commissioner’s Office (ICO) within 72 hours of discovery.
  • To Affected Individuals: If the breach is likely to result in a high risk to the rights and freedoms of individuals, they must be notified directly and without undue delay.
  • To Business Partners: We will notify relevant clients or partners in accordance with our contractual Data Protection Agreements (DPAs).

5. Documentation and Post-Incident Review

Regardless of whether notification is required, all breaches will be formally documented in an Internal Breach Register:

  • Record Keeping: We will document the facts of the breach, its effects, and the remedial actions taken.
  • Evaluation: Following a breach, a “Post-Incident Review” will be conducted to identify weaknesses in our Information Security Management System (ISMS).
  • Action Plan: Policies and training programs will be updated to prevent a recurrence of the incident.

Authorized by: Managing Partners LD Consultores & L&A Attorneys at Law