This document describes and defines the processes for logging and reporting security incidents/breaches involving our customer’s personal data to our customer. Security is a core functional requirement that protects mission-critical information from accidental or deliberate theft, leakage, integrity compromise, and deletion.
Winmore recognizes that security responsibilities are shared between our vendors, our partners, our subsidiaries, our customers, and us. Under this shared model, Winmore provides globally secure software services.
These processes include a requirement that notifications to impacted customers be communicated within 24 hours when they may involve our customer’s personal data. Meeting this requirement enables our customers to investigate and make the appropriate data breach notifications to regulators within the 72-hour timescale found in GDPR.
Plan and Prepare
Winmore has identified internal personnel involved in incident management, including those involved in:
- Senior management
- Information security
- Personal data protection
- Risk management and quality assurance
- Technical support
Winmore has identified external stakeholders, including:
- Service providers
- Regulatory authorities
- Customer liaisons
Winmore has formalized and tested our internal incident management procedures.
Detect and Report
Winmore, together with our infrastructure vendors, has set up monitoring systems to detect current threats, via internal or external sources, and analyse them on a case-by-case basis.
Winmore, together with our infrastructure vendors, has set up detection devices to alert us to any abnormal, suspicious, and malicious activities, as well as to specifically defined “security events.”
Assess and Decide
After evaluating the information detected and reported on, Winmore determines whether the particular event rises to the level of an incident, and whether notification of competent authorities or individuals is required under law.
Winmore documents the incident in an internal registry with facts about the violation, its effects and remediation measures taken.
Resolve and Notify
Winmore must deal with the incident by:
- Identifying and implementing measures to reduce its effects; and
- Notifying competent authorities.
Winmore must use available notification forms provided by competent authorities, such as:
- breach notification forms
- security incident forms
Winmore must identify deficiencies and correct them, to reduce the risk of recurrence.
Winmore must review any and all identified risks and update data protection impact assessments accordingly.