All Countries
Compliance
Incident Response Form

Incident Response Form Template for Belgium

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Incident Response Form

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Incident Response Form

"I need an Incident Response Form for our Belgian healthcare organization that complies with both GDPR and healthcare-specific regulations, with particular emphasis on patient data protection and mandatory reporting requirements to healthcare authorities."

Celebrated by
Collaborations with
Investors
Document background
The Incident Response Form serves as a critical document for organizations operating in Belgium to properly document and manage security incidents and data breaches. This form is designed to ensure compliance with both Belgian national law and EU regulations, particularly the General Data Protection Regulation (GDPR) which requires notification of personal data breaches within 72 hours. The form captures essential information needed for internal investigation, regulatory reporting, and incident management. It should be used immediately upon discovery of a security incident or data breach, facilitating quick decision-making and appropriate escalation procedures. The document includes sections for initial incident detection, impact assessment, response actions, and regulatory notification requirements, making it an essential tool for maintaining legal compliance and effective incident management in the Belgian jurisdiction.
Suggested Sections

1. Incident Identifier: Unique reference number and classification of the incident

2. Initial Detection Details: Date, time, and method of incident detection, including who first reported or detected the incident

3. Incident Description: Detailed description of the incident, including nature, scope, and initial assessment of impact

4. Systems and Data Affected: Identification of affected systems, applications, and types of data involved (especially personal data under GDPR)

5. Impact Assessment: Evaluation of the incident's impact on operations, data, customers, and regulatory compliance

6. Immediate Response Actions: Documentation of initial actions taken to contain and respond to the incident

7. Notification Requirements: Checklist of required notifications (regulatory authorities, data subjects, law enforcement)

8. Response Team Details: Names and contact information of incident response team members and their roles

9. Current Status: Current state of the incident and ongoing response efforts

Optional Sections

1. Third Party Involvement: Details of any third-party vendors or contractors involved - include when external parties are affected or involved in the incident

2. Business Continuity Measures: Description of business continuity and disaster recovery measures implemented - include for severe incidents affecting operations

3. Cost Impact: Assessment of financial impact and resources required - include for significant incidents requiring budget allocation

4. Media Communications: Details of any public or media communications - include for high-profile incidents requiring public disclosure

5. Insurance Claims: Information relevant for cyber insurance claims - include when incident may be covered by insurance

Suggested Schedules

1. Incident Timeline: Detailed chronological timeline of the incident and response actions

2. Evidence Log: List and location of all evidence collected related to the incident

3. Contact List: Emergency contacts and escalation procedures

4. System Logs: Relevant system, security, and application logs

5. Data Breach Notification Template: Template for GDPR-compliant data breach notifications

6. Recovery Checklist: Checklist for verifying system and data recovery

Authors

Alex Denne

Head of Growth (Open Source Law) @ Genie AI | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

Linkedin in social icon imageX social icon image
alex.den.21@genieai.co
Relevant legal definitions
Incident
Security Breach
Data Breach
Personal Data
Special Categories of Personal Data
Data Subject
Data Controller
Data Processor
Supervisory Authority
Response Team
Incident Commander
Impact Level
Containment Measures
Root Cause
Mitigation Actions
System Asset
Critical Infrastructure
Business Impact
Recovery Time Objective
Recovery Point Objective
Evidence
Chain of Custody
Incident Timeline
Affected Systems
Compromise Indicators
Incident Classification
Response Priority
Escalation Path
Business Continuity Plan
Disaster Recovery Plan
Notification Requirements
Technical Controls
Remediation Actions
Post-Incident Review
Risk Level
Relevant Industries

Financial Services

Healthcare

Telecommunications

Energy

Transportation

Government

Manufacturing

Retail

Technology

Education

Professional Services

Critical Infrastructure

Insurance

Media and Entertainment

Relevant Teams

Information Security

IT Operations

Legal

Compliance

Risk Management

Data Protection

Corporate Communications

Human Resources

Executive Leadership

Internal Audit

Business Continuity

Security Operations Center

Relevant Roles

Chief Information Security Officer

Data Protection Officer

IT Security Manager

Risk Manager

Compliance Officer

Security Incident Response Manager

IT Director

Chief Technology Officer

Security Operations Analyst

Legal Counsel

Privacy Officer

Chief Risk Officer

Information Security Analyst

System Administrator

Network Security Engineer

Industries
GDPR (General Data Protection Regulation): EU regulation 2016/679 that requires reporting of personal data breaches within 72 hours and specific documentation of security incidents involving personal data
Belgian Data Protection Act: Law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data, implementing GDPR at national level
NIS Directive Implementation in Belgium: Belgian law implementing EU Directive 2016/1148 concerning measures for a high common level of security of network and information systems, requiring incident reporting for essential service operators
Belgian Criminal Code Article 550bis and 550ter: Articles covering computer crimes and hacking, relevant for incident classification and reporting to law enforcement
Belgian Electronic Communications Act: Law requiring telecom operators and ISPs to report security incidents to the Belgian Institute for Postal Services and Telecommunications (BIPT)
Belgian Corporate Governance Code 2020: Contains provisions on risk management and internal control systems, including incident reporting requirements for listed companies
Act on the Security and Protection of Critical Infrastructures: Law of 1 July 2011 requiring specific incident reporting procedures for designated critical infrastructure operators
Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Hazard Report Form

A Belgian-compliant workplace hazard reporting form for systematic documentation and management of safety concerns, aligned with local workplace safety regulations and EU directives.

find out more

Incident Response Form

A Belgian-law compliant form for documenting and reporting security incidents and data breaches, aligned with EU GDPR and national requirements.

find out more

Incident Investigation Form

Belgian-compliant workplace incident investigation form for documenting, analyzing, and following up on workplace incidents and accidents.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.