Types of case:
- Incidents – cases taken forward for potential investigation are set up as ‘Incident’ cases while the team is reviewing the case, obtaining further information and determining whether the case should progress to a full Investigation. Those cases which appear on the Incidents data sets are those which were considered but not progressed to a full Investigation.
- Investigations – cases where full investigations have been undertaken in consideration of potential regulatory action appear on the Investigations data set.
Cyber investigations usually originate from a data protection complaint or self-reported data breach case. Data protection complaints and self- reported data breach cases are managed using a case management system called ICE360, while cyber investigations are managed using a case management system called Crimson.
We are now able to produce reports for cyber investigations which include the data relating to the initial ICE360 complaint or personal data breach case, where relevant, alongside the data about the resulting investigation, which is from Crimson. This is reflected in the reports from Q4 2022-2023 onwards and the column titles indicate whether the data in that column has come from ICE360 or Crimson.