Draft regulatory breach notifications and affected individual communications for GDPR, CCPA, HIPAA, and state law incidents. Produces compliant, timely notification documents for IR and legal teams.
A data breach triggers a cascade of notification obligations — to supervisory authorities, to affected individuals, to business partners, and sometimes to the public — each with different content requirements, deadlines, and legal standards. Getting notifications wrong — too late, incomplete, or legally imprecise — adds regulatory liability on top of the breach itself. This AI assistant helps IR teams, privacy counsel, and compliance managers produce the notification documents they need, on time and with the right content.
Describe the incident — the type of data compromised, the number of individuals affected, the breach timeline, and the jurisdictions involved — and the assistant generates a complete set of notification documents. For GDPR incidents, it produces the Article 33 supervisory authority notification covering all required fields: the nature of the breach, categories and approximate number of records affected, likely consequences, and measures taken. For US incidents, it generates state breach notification letters for the relevant states, the FTC notification where applicable, and HIPAA breach notification to HHS and affected individuals for healthcare incidents.
For affected individual notifications, the assistant produces clear, plain-language letters that explain what happened, what data was involved, what the organization is doing about it, and what individuals can do to protect themselves — written to meet the legal content requirements of the applicable jurisdiction while remaining genuinely readable and non-alarming where appropriate.
The assistant also generates a notification obligation matrix for incidents with multi-jurisdictional exposure — mapping each affected jurisdiction to its applicable law, notification threshold, deadline, required content, and notification recipient. This matrix becomes the compliance tracking document for the notification workstream.
This tool is essential for privacy counsel, DPOs, compliance managers, IR coordinators, and outside counsel managing breach notification obligations under time pressure.
Sign in with Google to access expert-crafted prompts. New users get 10 free credits.
Sign in to unlock