IT Services
  • Print

Incident management

Robust processes to handle a reported data security breach.

Data breach

Data security breaches are increasingly common occurrences whether these are caused through human error or via malicious intent. As technology trends change and the creation of data and information grows, there are more emerging ways by which data can be breached. The University needs to have in place a robust and systematic process for responding to any reported data security breach, to ensure it can act responsibly and protect its information assets as far as possible.

How to comply

The aim of this policy is to standardise the University-wide response to any reported data breach incident, and ensure that they are appropriately logged and managed in accordance with best practice guidelines.

By adopting a standardised consistent approach to all reported incidents it aims to ensure that incidents are:

  • reported in a timely manner and can be properly investigated
  • handled by appropriately authorised and skilled personnel
  • recorded and documented
  • dealt with in a timely manner and normal operations restored
  • reviewed to identify improvements in policies and procedures

The policy also ensures that:

  • appropriate levels of University management are involved in response management
  • the impact of the incidents are understood and action is taken to prevent further damage
  • evidence is gathered, recorded and maintained in a form that will withstand internal and external scrutiny
  • external bodies or data subjects are informed as required

More information can be found on our Records Management website.

Related services

Need help?

Male postgraduate student studying in The Studio, Portland Building, University Park


University of Nottingham

University Park
Nottingham, NG7 2RD

telephone: +44 (0) 115 951 5151
fax: +44 (0) 115 951 3666
email: Contact us