Cookies on this website

We use cookies to ensure that we give you the best experience on our website. If you click 'Accept all cookies' we'll assume that you are happy to receive all cookies and you won't see this message again. If you click 'Reject all non-essential cookies' only necessary cookies providing core functionality such as security, network management, and accessibility will be enabled. Click 'Find out more' for information on how to change your cookie settings.

Accept all cookies Reject all non-essential cookies Find out more

What is a Data Breach?

A data breach occurs if personal data is seen by someone with no right to see it (unauthorised disclosure) or if it is lost, damaged or destroyed. 

If you think, or suspect, that something isn’t right, report it immediately to:
Information Compliance Team (ICT): data.breach@admin.ox.ac.uk (ext. 70285)

As soon as you know or suspect that a breach has occurred, report it straightaway, even if you do not have all the details. 

The University has a legal duty to report any serious breach to the Information Commissioners Office (ICO) within 72 hours of becoming aware of it. If we fail to do this, we risk being fined. 

After you submit your report, the ICT will provide guidance and support, and decide whether the breach needs to be reported to the ICO. 

For more information on how to identify a data breach: https://compliance.admin.ox.ac.uk/reporting-data-breaches 

Quick links:

PRISMS-IG: All our IG policies in one place

Information Security Training Module: Provided by the University, needs to be completed by everyone

NHS Data Security and Protection Toolkit

How to:

Report an information governance incident

Ensure you are working securely