A data security breach involves the loss of, or unauthorised access to, personal or confidential data or intellectual property. This includes both information in hard-copy and electronic information. Breaches include:
Theft or loss of data (e.g. Sensitive papers or a laptop containing intellectual property being lost)
Accidental disclosure (e.g. Personal data being emailed to the wrong person or published online)
Malicious access to data (e.g. Student personal data being given out to an impostor over the telephone or hacking)
All information security incidents (including those involving paper records) must be reported promptly so the risk to individuals, the University and others can be contained and prevented where possible.
If a data security breach has occurred you must contact SID by phone (0300 555 0444) and follow the Data Security Breach Management Procedure.
Do not contact via email as there can be a delay in responding and the associated risks can significantly increase. By reporting quickly steps can be taken to investigate, secure the information and prevent incidents from become a breach.
Theft of equipment and physical break-ins should also be reported to the University Estate Patrol (telephone: 01392 723999; report an incident)
What should I do in the case of a data breach?