Report a data breach (including ‘near misses’)
Before you start
Some examples of incidents that would need reporting include:Â
- Equipment failure;
- Human error;
- Hacking attacks;
- Inadvertent disclosure;
- Access by an unauthorised third party;
- Computing devices containing personal data being lost or stolen;
- Altering personal data without permission; and
- Any 'near miss' incident that had the potential to cause a data breach, even though it might not have done so.
The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. This must be done immediately.
If an incident (or near miss) involves personal data then it must be reported immediately to the °×С½ãÂÛ̳ Information Security Group.Â
Report a data breach or near miss here: /data-protection/guidance-staff-students-and-researchers/practical-data-protection-guidance-notices/report-breach.
You can also call on 020 7679 7338 (°×С½ãÂÛ̳ ext. 37338).
For further guidance please read: reporting a loss of personal data.