We can help you set up an internal procedure to comply with the data controller's obligation to notify the CNIL of any personal data breach within 72 hours of discovering it:
facilitating the escalation of information about a security incident to the appropriate people (data protection officer / security manager / legal department / senior management, etc.),
determine whether the security incident is a data breach based on its impact on the availability, integrity or confidentiality of personal data,
assess the risk presented by the data breach to determine whether it should be notified to the CNIL and/or communicated to the persons concerned,
transform the RGPD's documentation obligations into an opportunity to strengthen the company's level of security.