Privacy Policy

Complaints Procedure

Incident Response

We follow a rapid set of steps as soon as a security or data incident is identified. The high-level steps we follow in the event of an incident are as follows.

  1. We identify or are notified of a potential incident
  2. We investigate the situation
  3. We take appropriate action to contain the situation
  4. We recover systems, data and connectivity if disrupted
  5. We conduct further deep-dive investigation to identify whether there was in fact an incident or whether it was a false alarm.
  6. If a positive incident is confirmed, our Information Officer will report the incident to relevant internal stakeholders, and if necessary; customers, regulators and law enforcement.
  7. We carry out a post-incident review and conduct forensic analysis.
  8. We update information, controls and processes going forward to eliminate the threat of recurrence.

Stay informed! Visit the SA Department of Health's website for COVID-19 updates: