A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, authorised disclosure of, or access to, personal data. The University has procedures in place to contain, mitigate, manage and notify a personal data breach. Please, use the reporting form in the link below:
The University’s data breach reporting requirements to the ICO
The University is not under a legal obligation to report every data breach to the ICO.
The GDPR, ICO guidance, EU guidance and the ICO’s self-assessment tool are all used to determine whether a data breach requires reporting.
The University’s reporting requirements to individuals
Where the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms the University is required to inform those individuals without undue delay.
The University’s obligations to record data breaches
The University must also keep a record of any personal data breach, regardless of whether it is reportable.
Role of the DPO in data breach incidents
The DPO is responsible for investigating a data breach incident as part of their statutory task to monitor compliance and will follow the data breach reporting obligations as set out in the GDPR and regulatory guidance.
Help and support
If you think you detect any unusual online activity, please report it immediately.
Who needs to know this?
This information concerns us all. If you use a Warwick staff card, a Warwick email address, access one of our staff or student record systems or share your Warwick work with colleagues within or beyond the University, you are involved in activities that must be kept secure.
Data Protection Officerdpo@warwick.ac.uk
The University of Warwick
Coventry CV4 8UW