Deloitte and AllClear ID Introduce First 72-Hour GDPR Customer Notification and Identity Protection Service

Deloitte and AllClear ID Introduce First 72-Hour GDPR Customer Notification and Identity Protection Service
24.05.2018 09:48 am

Deloitte and AllClear ID Introduce First 72-Hour GDPR Customer Notification and Identity Protection Service

Data Protection , Compliance

Deloitte LLP, with 20 years of successfully delivering large-scale customer outreach solutions, and AllClear ID, Inc., the world’s leading provider of customer breach notification and identity protection, today announce their collaboration to deliver data breach customer notification services to the customers of businesses under the GDPR regulations. The collaboration will offer Customer Breach Support (CBS) to businesses, the first and only managed service in Europe that establishes and guarantees 72-hour readiness and the large-scale deployment of customer response and notification operations in the event of a data breach.

With the General Data Protection Regulation (GDPR) deadline looming, the requirement for businesses to be prepared to notify, support and protect their customers before a data breach happens has been fully regulated. With CBS, businesses can provide regulators with comprehensive data breach customer notification plans and enact timely and full customer notification without ‘undue delay’ in-line with GDPR requirements. 

Beginning May 25th, 2018, GDPR requires businesses to quickly notify regulators and affected customers when personal information is exposed by a data breach. GDPR requires that:

  • All significant breaches must be reported to regulators within 72-hours of the organisation becoming aware of the breach.
  • The regulator must also be informed of measures to mitigate its possible adverse effects.
  • If the breach is sufficiently serious and ‘poses a high risk’ to affected customers, the organisation responsible must also communicate the breach to the customer ‘without undue delay’.

Failure to meet these requirements risks fines of €20 million, or 4% of turnover. This failure also risks reputational damage, loss of executive staff, revenues and customers if the resulting response is inadequate. A data breach under GDPR, handled incorrectly, has the potential to destroy a business.

Any business with customers in the EU, or targeting individuals in the EU, needs a comprehensive breach response plan in place, encompassing customer notification and identity protection. A successful GDPR-compliant plan relies on speed of notification and quality of response.

The Customer Breach Support service has two core components:

  1. Reserved Response Support: an ongoing managed service to provide the capacity to meet a client’s customer notification requirements to a data breach under GDPR. It includes a full readiness programme with playbooks and exercises to prepare for a large-scale breach response.
  2. Live Customer Support: a specialist, scalable team to coordinate and deliver dedicated support and protection to a client’s customers following a data breach. It encompasses full notification services, customer support, identity protection and identity repair.

Dominic Cockram, Partner at Deloitte, said: “No business can consider themselves safe from a breach. Businesses must ensure they can respond proactively and head off the potentially damaging consequences of not complying with GDPR regulations by guaranteeing a swift, and high-quality notification response that scales to meet customer demand. The protection of customers whose personal data has been compromised is critical and must be the key focus of any response – notification, support and protection must be fast, effective and professional. To achieve this you must be ready and have the guaranteed capacity in place.”

“AllClear ID’s demonstrable experience in data breach response made it the perfect collaborator to support our delivery of data breach response services in Europe.”

Bo Holland, CEO at AllClear ID, said: “A poor customer response after a data breach can have tragic consequences, and GDPR increases the response risk dramatically. Many people think it is impossible to launch a large-scale customer response in 72-hours, but we’ve proven the opposite with 80 of the largest brands in the USA. Today, we are pleased to announce this new GDPR service with Deloitte.”

The collaboration combines Deloitte’s 20 years’ experience running managed services for its clients, successfully delivering large-scale customer outreach solutions, with AllClear ID’s 12 years of experience managing over 5,000 data breach responses. AllClear ID has handled the customer notification of three of the four largest data breach responses in history and already provides a 72-hour response guarantee in the USA. Together the collaboration provides the expertise, manpower and infrastructure to quickly notify and respond to customers after a data breach.

The GDPR customer breach notification service is available immediately in the UK, with plans to roll out services in French, Italian, German and Spanish and then globally.

Related News

Atlanta-based IDology to Be Acquired by GBG for $300m

  • IDology provides GBG with a strong foothold for Identity Verification and Fraud Prevention in North America, a key growth region for the company. ... Read more »

Safe, Smart Twitter for Finance has become more mobile

Market EarlyBird, the UK FinTech company behind EarlyBird – Safe, Smart Twitter for Finance  announced the... Read more »

Talking to customers about their data is the key to GDPR

The new General Data Protection Regulation (GDPR) governing the collection, storage and use of data are coming into force soon and new research reveals that almost two-thirds... Read more »

Ocado launches AI-based fraud detection system for online orders powered by Google Cloud

Today Ocado Technology (the technology division of Ocado, the world's largest online only supermarket) is revealing the world's first AI-based fraud detection system for online... Read more »

Signicat secures second round of Horizon 2020 funding to develop ID Assurance as a Service

Signicat, the first and largest identity assurance provider in the world, has secured phase two funding from the EU’s Horizon 2020 programme, the framework for funding research... Read more »

Mitek Acquires ICAR, Strengthing Its Position As A Global Leader In Digital Identity Verification

Mitek (NASDAQ: MITK,, a global leader in mobile capture and digital identity verification... Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App