Gdpr breach

liosnagceann75

Hi. I am concerned about a gdpr breach and what action I should take.
A copy of ulster's banks tracker mortgage examination bank response to my appeal to the independent panel was sent to another ulster bank customer who also was appealing ulster banks mortgage tracker redress and compensation.
The customer in question kindly contacted me to inform me of the sensitive and confidential information sent to him in error.
The information sent in error included my mortgage details, my mortgage history, details of ulster's banks redress and compensation and my appeal about the level of redress and compensation.
After contacting ulster bank they have acknowledged the breach and apologised over the phone. Ulster bank are looking into it and will revert to me hopefully ASAP.
Any advise on what u should do if anything would be appreciated. Thanks

Elemonator

Possibly should look into reporting the breach to the Data Protection Commissioner.

dudara

Yes, this was a breach of personal information by Ulster Bank. They are obliged to record this breach and record the actions they take in response to it.

They will go through an internal decision process to determine if they need to report it to the Data Protection Commission. This is based on an assessment of risk to the individual(s). If your case was a single, isolated incident, and based on the information you've shared, there is little case for them to report to the DPC. Ulster Bank will still need to maintain their own breach record.

You could report the breach yourself to the DPC, but you really should weigh up first how damaging the breach was, and the level of response shown by Ulster Bank.