GDPR compliance means that your organization should be prepared to deal with data breaches,
and provide for rapid counteractions to
mitigate their impact.
Data breaches must be notified to supervisory authorities within
72 hours, or even less,
if data breaches affect the freedom of natural individuals (GDPR Article 33). In addition, every affected person must be notified with
the details about the incident.
To this end, your organization must define an incident response plan, as well as setup the right environment to mitigate the impact of data breaches.