Security Incident
Definition
Any event compromising the confidentiality, integrity, or availability of information systems or personal data, ranging from unauthorized access attempts to data breaches causing actual harm. Security incidents include: data breaches, unauthorized access, malware infections, denial-of-service attacks, physical theft of devices, accidental disclosures, and insider misuse. Not all incidents constitute 'personal data breaches' requiring notification—the key question is whether personal data was compromised and whether risks to individuals exist. Organizations should maintain incident response plans addressing: detection and reporting procedures, initial assessment and containment, investigation and scope determination, notification decisions and timelines, remediation measures, and post-incident review. Under GDPR Article 33, controllers must notify supervisory authorities of personal data breaches within 72 hours unless the breach is unlikely to result in risks to individuals. Incident response procedures should be documented, tested regularly, and integrated with broader security programs. Effective incident management can significantly reduce breach consequences and demonstrate responsible data stewardship.
Applicable Laws & Regulations
- GDPR Article 33
- GDPR Article 34
- State Breach Notification Laws