Report a Data Breach

Organization Name

Contact person

Contact number

Email address

Other contact details

Description of data breach

Information involved in the data breach

In addition, please select any categories that apply:

Type of personal information involved in the data breach

Type of Personal Information

Provide detailed description of any action, including remedial action, you are taking, or intend to take to assist data subjects whose personal data was involved in the data breach

Provide detailed description of any action you have taken, or are intending to take, to prevent reoccurrence

Specify the steps your organisation/ agency recommends that individuals take to reduce the risk that they experience serious hard as a result of this data breach

Other entities affected: (if the data breach described above was also a data breach of another organisation, provide their identity and contact details)

Date the breach occurred: (provide your best estimate if the exact date is not known)

Date the breach was discovered (provide your best estimate if the exact date is not known)

Was data breach was reported after 72 hours of discovery?

Yes

If YES, please specify why

Primary cause of breach

If other, please specify.

Please specify

Description of how the data breach occurred

Add description

Number of data subjects whose personal data is involved in the data breach

Exact number of data subjects whose personal data is involved in the breach (please provide your best estimate)

List of any other data protection authorities, law enforcement bodies or regulatory bodies that you have reported, or intend to report, this data breach to

Is there any other information you wish to provide at this stage, or any matters that you wish to draw to the ODPC’S attention?

If you wish to provide further information or documents after you submit the form, you may email them to
databreach@odpc.go.ke

Request for confidentiality

I request that the particulars of the breach, mitigation efforts and responses, and additional information provided in this form be held by the ODPC in confidence

The ODPC will respect the confidence of commercially or operationally sensitive information provided voluntarily in support of a data breach notification, and will only disclose this information after consulting with you, and with your agreement or where required by law.

If you request any information in this of this form is held by the ODPC in confidence, please provide further information to support the reques

Declaration

I hereby declare that the information given in this application is true and correct to the best of my knowledge and belief

Review and Submit

Please review the information that you have provided about the data breach. If you would like to change anything, you can return to the relevant section by using the Go Back button. Once you are ready to submit your form, click the Submit button below. Once you submit your form, you will be taken to a confirmation page. This page will provide a receipt number for your submission, and you will be able to download a copy of your completed form or have a copy sent to an email address of your choice.

Quick Links

Will you be affected by the Data Protection (Registration of Data Controllers and Data Processors)Regulations, 2021? Here is your chance to submit comments on the Regulatory Impact Statement available on https://t.co/JnhGl9AyfA.#DataProtectionKE #publicparticipation pic.twitter.com/ndYa0UdBmK
— OFFICE OF THE DATA PROTECTION COMMISSIONER (@ODPC_KE) May 20, 2021

Quick Links

Follow @ODPC_KE

Tweets by ODPC_KE