Go to the Students section
Go to the Staff section
Go to the Alumni section
Go to the Study here section
Go to the International section
Go to the About section
Go to the Research section
Go to the Business and Employers section
Go to the Support us section
The University holds a large amount of information, both in hard and soft copy. This includes personal and sensitive personal data, and also non-personal information which could be sensitive or commercially confidential, for instance financial data. Care should be taken to protect this type of data, to ensure its integrity and to protect it from loss, theft or unauthorised access.
In the event of a information security incident (also known as a data protection breach), it is vital that appropriate action is taken to minimise associated risks. A risk analysis should be performed factors which need to be considered are:
What is an information security incident?
An information security incident is any event or near-miss in which confidential or sensitive data is compromised by being lost, destroyed, altered, copied, transmitted, stolen, used or accessed unlawfully or by unauthorised individuals whether accidentally or on purpose. Some examples:
Reporting an information security incident
Information security incidents should be reported immediately to The IT Service Desk, as the primary point of contact. The report should include full and accurate details of the incident, including who is reporting the incident, what type of data is involved, if the data relates to people, how many people are involved. IT Service Desk will keep a confidential log of this information. This will then be escalated to the Information Compliance Officer who in turn will convene a response team.