4.

DATA PROTECTION & INFORMATION GOVERNANCE

Data protection is a set of strategies and processes you can use to secure the privacy,
availibility and integrity of your data. It is sometimes also called data security or
information privacy. A data protection strategy is vital for any organization that
collects, handles or stores sensitive data.

A. HOW DATA IS KEPT SECURE

- I shall keep the data electronically in a password protected device. I shall ensure to
scrap any irrelevant and dated information.
- I shall ensure to keep the data as per GDPR.
- I shall respond to the data breaches by contacting the person of direct contact in
the LCC – Transport. I shall do so by following the acceptable/recommended
reporting practices.

B. CYBER
I keep updated Anti-Virus software to stay protected against any viruses. Moreover, I
don’t store any sensitive information in my password protected laptop so that there is
no question of it being at risk.

C. HOW TO RESPOND TO A DATA BREACH

In case of data breach, the company will warn costumers and higher authorities.
Additionally, the company will contact data security specialists to control the damage.

D. REPORTING PROCESS FOR ANY DATA BREACH

Step 1: Contain the data breach to prevent any further compromise of personal

information.

Step 2: Assess the data breach by gathering the facts and evaluating the risks,
including potential harm to affected individuals and, where possible, taking action to
remediate any risk of harm.
Step 3: If the breach is an ‘eligible data breach’ under the NDB scheme ,
notify individuals and the Commissioner.

Step 4: Review the incident and consider what actions can be taken to prevent future
breaches.

E. CYBER ESSENTIALS

I have passed cyber essential certificate which will help me to secure data in a better
way in future

HAWKS TAXIS

Signed by Raja Yasir Riaz: January 21st, 2022