Search This Site


Main menu

Information Technology Compliance Team

The IT Compliance team within InfoSec is responsible for ensuring compliance with UVA IT policies and conducting information security reviews.  

Types of reviews conducted by IT Compliance include, but are not limited to:

  • Cloud vendor risk assessments
  • On-premise system assessments
  • Annual Information Security Risk Management (ISRM) assessments
  • Information security requirements in contracts
  • Research data security

When you are ready to initiate a review, then please visit our Self Service Portal in OneTrust and launch the "Review Request" form.  You can also reach out to our team by sending an email to [email protected].  

If you are seeking IT Compliance guidance and are from the UVA Health System (, please contact [email protected].  

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form