Help Centre

ICO breach notifications are submitted directly on the ICO's website. Folelse helps you prepare your notification by capturing all the required information and generating a pre-filled summary.

How to notify the ICO

1. 1 Go to the ICO's breach reporting portal at ico.org.uk/report-a-breach.
2. 2 Select "Report a personal data breach".
3. 3 Use the information from your Folelse breach record to complete the form.
4. 4 The ICO form asks for: nature of the breach, categories and approximate number of data subjects, categories and approximate number of records, likely consequences, measures taken or proposed.
5. 5 Submit the form. You will receive an ICO Reference Number by email.

Recording your ICO reference in Folelse

1. 1 Open the breach record in Folelse.
2. 2 Enter the ICO Reference Number in the ICO Reference field.
3. 3 Set the Date Reported to ICO.
4. 4 Update the status to "Reported to ICO".
5. 5 Attach a copy of your ICO notification confirmation email.

If the ICO follows up

The ICO may request additional information or ask for a formal investigation response. Use the Attachments panel on the breach record to keep all correspondence in one place. Log all communications in the Internal Notes field with dates.

NHS Data Security breaches

NHS organisations must also report certain breaches to NHS England via the Data Security and Protection (DSP) Toolkit Incident Reporting Tool, in addition to the ICO. Serious incidents may also require reporting to your ICB (Integrated Care Board) and NHS England Cyber Security Operations Centre (CSOC).