Cookies on this website
We use cookies to ensure that we give you the best experience on our website. If you click 'Continue' we'll assume that you are happy to receive all cookies and you won't see this message again. Click 'Find out more' for information on how to change your cookie settings.

How to Report an Incident, including suspected and actual Breaches?

An “Incident” is any event that poses or could poses risk to the security, integrity or confidentiality of Department information. An Incident includes actual breaches of confidentiality as well as security ones. Refer to this table for examples.

  •  Accidental loss or deletion of information
  •  Accidental disclosure of information to unauthorised persons
  •  Inappropriate use of data (e.g. for personal or business reasons, or use in projects for which it is not authorised/approved for use)
  •  Loss or theft of a computing device, removable media or printed data
  •  Physical security breaches (e.g. intruders, unaccompanied visitors)
  • Inappropriate disposal of information (e.g. confidential papers in a bin)
  • Complaints from data subjects, members of the public, external contractors, consultants, suppliers, agencies or collaborators relating to information/data issues
  • Complaints about external contractors, consultants, suppliers, agencies or collaborators relating to information/data issues
  • Computer viruses, malware, hacking, or other electronic attack
  • Data held/retained when no permission or legal basis exists to hold/retain it.
  • The ongoing lack of appropriate resources to reduce risk, such as suitable equipment or security measures
  • Any other material or potential breach of Department or University policy, or any legal, contractual or regulatory breach

Members of the Department must report actual or suspected Incidents, including all breaches, to the University Data Breach Team as follows:

  • Log the Incident using the PCH Incident Referral Form;
  • Email the completed referral form immediately to: data.breach@admin.ox.ac.uk
  •  Always include these individuals on the “Cc” line of the referral:
    - The Department Line Manager of the person referring the Incident; 
    - The Information Asset Owner for the Department data set which is the subject of the Incident; and
    - The Department IG Manager (IGM) using this email account: datasecurity@phc.ox.ac.uk.

The IGM (Phil Nieri) will coordinate the triage, escalation to the IT/G Head (John Briggs) and the Senior Information Risk Owner (SIRO – Nicola Small) as well as the required remediation in response to the referral.

Members should not delay the reporting of any Incident to the Data Breach team by first attempting to gather more information and/or referring it initially to the SIRO, IT/G HEAD and/or IGM for feedback.

The University of Oxford Information Security team is available to provide additional information and/or assistance here:

https://www.infosec.ox.ac.uk/incident-management

or https://www.infosec.ox.ac.uk/report-incident