Data protection law requires the University to protect data from unauthorised access, misuse or loss.
Data breach incidents often include the following situations:
If one of the above happens, or you suspect that University’s systems or data have been compromised, you must report it without delay to the University’s Data Protection Officer at dataprotectionofficer@essex.ac.uk
Describe what has happened, what data has been affected and what steps have been taken to address it. The DPO may ask you for additional information.
The University has 72 hours in law to determine whether the data breach is severe enough to require notification to the Information Commissioner’s Office. Swift action also helps where the University needs to inform individuals affected by the incident, for example, to change a password or contact their bank.
The DPO will address these immediate issues and work with the required parties in the University to close down the breach.
Subsequently, the DPO may make further recommendations to review systems and processes, and mandate additional training or support.
For further information, please email dataprotectionofficer@essex.ac.uk