Search Information Security site


Main menu

Reporting an Information Security Incident Procedure

Table of Contents

1.  Purpose and Background
2.  Procedures
     a) Reporting an Incident
     b) Contacting University Police
3.  Definitions
4.  Related Links
5.  Exceptions

[Return to Library]

1. Purpose and Background

All users of University IT resources must report the incident as soon as possible and no later than one (1) hour from the time the incident is identified. Of particular concern are incidents involving a device hosting sensitive and legally protected data. Lost or stolen electronic devices and media must also be reported directly to the UVa Police Department. If the incident did not occur in the Charlottesville-Albemarle area, it should be reported to the appropriate police jurisdiction. Note: Non-Information Security Office personnel overseeing or owning technology resources who are notified of a potential information security incident must notify the appropriate security office via the online form and should follow the instructions provided in Information Security Incident Report Guidance for Technology Professionals.

[Table of Contents]

2. Procedures

Reporting an Incident

Instructions for reporting a security incident depend upon the nature of the incident and University affiliation. In all scenarios, all those within the University community who feel threatened or endangered should immediately contact University Police {weblink to below heading Contacting University Police}.

Procedures for various affiliations and/or incidents are provided below:

Medical Center Employees

Medical Center employees should contact the Computing Services Help Desk at (434) 924-5334 to report incidents to the Medical Center's Information Security Office. Additional information is provided in the Medical Center's Incident Management Guideline.

University Physicians Group Employees

Report incidents to the UPG HIPAA Security Desk at (434) 970-2484 or (434) 924-5334.

UVa's College at Wise (or Related Foundation) Students or Employees

Report incidents to the Security and Policy Coordinator by emailing [email protected] or calling (276) 376-4641. If the incident involves equipment theft, the person reporting the incident should also immediately contact the UVa-Wise Police Department at (276) 328-2677. The Information Technology Security and Policy Coordinator will inform all other appropriate University officials.

UVA Students

If the incident involves student activity or student-owned equipment, then:

If the incident involves activity in a student-employee capacity, see the instructions for University Academic Division or Other Foundation Employee.

University Academic Division or Other Foundation Employee

Report incidents to the University’s Information Security office via the online Security Incident Report form (preferred) or phone at (434) 924-4165. The use of information technology resources for unethical or unlawful purposes (such as incidents involving employees and pornography) should be reported directly to University Human Resources by calling 434-243-3344 or emailing [email protected]

Non-Information Security-Related Incidents

For any other problems that do not qualify as information security incidents as defined

Contact the UVA Help Desk at (434) 924-HELP (434-924-4357

Incidents Involving Student Activity or Student-Owned Equipment

If the incident involves activity in a student-employee capacity, see the instructions for University Academic Division or Other Foundation Employee.

Contacting University Police

Medical Center Employees, University Physicians Group Employees, UVA Students, and University Academic Division or Other Foundation Employees contact the UVa Police (911 from any University phone or 434-924-7166 from other phones).

UVa's College at Wise (or Related Foundation) Student or Employees contact the UVa-Wise Police at (276) 328-2677.

[Table of Contents]

3. Definitions

See the list of definitions for the Acceptable Use, Data Protection, Information Security, and Privacy & Confidentiality policies.

[Table of Contents]

4. Related Links

[Table of Contents]

5. Exceptions

If you think you need to request an exception to these requirements, please refer to the Exceptions Process.

[Table of Contents]

APPROVER: Chief Information Security Officer


Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form