Skip to main content

GDPR: Updates

Show all news items

GDPR : Reporting Personal Data Breaches

The University is required to keep a record of all security incidents involving personal data. Reportable incidents must be reported to the Information Commissioner by the Data Protection Officer (DPO) of the University of Warwick, within 72 hours of detection, and without undue delay to individuals affected by the incident. It is vital that all staff report a personal data breach, however minor, as soon as possible after discovery so that we can use the 72 hours to establish what has happened, the size of the breach and whether it needs to be reported further.

Here is guidance on what a personal data breach is, what to do if you know (or suspect) there has been one and how the IDC Team will manage such breaches. Please find below the forms required:

Downloadable Form


Tue 15 May 2018, 12:08