From the stomach-churning moment that you discover your organisation has lost a bundle of personal details – either by accident or as a result of a malicious electronic attack – the entire enterprise will be under the cosh.

IT staffers will be frantically trying to plug any gaps in security, customers will be demanding recompense and information, and regulators may be breathing down your neck, too.

The way you respond to a data breach will have a profound impact on the future of any business. Get it right, and the crisis can be turned into a security enhancing positive, but if you fall foul of the authorities or disaffected customers, the data breach recovery process could take years.

This booklet cannot provide all the answers for every company, but it aims to provide a loose blueprint to ensure that you know what steps you must take to rectify the situation, which authorities you need to inform, and how to put measures in place to make sure the embarrassment of a data breach never darkens your door again.

The information is drawn from various regulatory publications, and interviews with security experts, lawyers and software suppliers.