Oliver Topping discusses recovering from a data breach
New laws on data protection come into force in the UK on May 25 2018, and will raise the bar on how pension scheme trustees manage their data.
One of the biggest changes being brought in by the General Data Protection Regulation relates to what needs to be done when there is a data breach.
While steps can be taken to avoid data breaches, they can still happen to even the best-prepared trustee board. For a pension scheme, a breach could range from a minor mistake, such as sending a benefit statement to the wrong member, to a catastrophic hack, for example scheme membership data leaked onto the internet.
Different steps will need to be taken to recover from a data breach, depending on how serious the breach is, and trustees should plan ahead to make sure they are prepared for the new requirements. Not complying could potentially lead to significant fines.
Read the full article in Pensions Expert (subscription required)