Skip to main content

Report a Data Security Incident

Important:

If you have sent an email in error please recall the message as soon as possible to prevent a data security incident.

What is a data security incident?

A data security incident can be accidental or deliberate and involve electronic data or physical data.  It can lead to a breach, and addressing the incident quickly will reduce the likelihood of this and the severity of the consequences.

The Information Commissioner's Office describes a data breach as:

"...a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data."

What do I need to do?

It is very important that all actual or suspected data security incidents are reported immediately, using the University incidents and breaches reporting process.

Do not report the matter to the ICO yourself.

  • Telephone the IT Service Desk on 0113 34 33333. Note that this is the IT Service Desk emergency number and it is only to be used for reporting data security incidents and other IT emergencies.
  • You must also alert the Data Protection Officer who will advise on further actions required to reduce the impact of an incident.

Reporting a data incident quickly allows the University to take rapid and necessary steps to prevent a breach or to minimise the potential impact of the incident.

The University will decide if the matter needs to be reported to the ICO, do not report the matter to the ICO yourself.

All data security incidents are logged by the University irrespective as to whether an event was onward reported to the ICO.