Skip to main content

Report a breach

University procedure for reporting a data protection breach


If you suspect that a breach of the Data Protection Act has or may have occurred, you should immediately contact the Data Protection Officer by email at

You should provide as much information as possible, including:

  • what information is involved, to whom it pertains and the number of individuals' data involved
  • what happened to it - lost, stolen, or inadvertently disclosed
  • how the breach may have happened
  • actions taken so far.

Data protection breaches include the accidental loss of data. This could involve a lost laptop or mobile phone with personal data stored on it or lost hard copies of files.

Even the loss or accidental disclosure of data relating to just one person can be of serious concern, particularly if it includes sensitive data such as health information, and should be reported immediately.

Any member of staff who realises that they have caused personal data to be lost or inadvertently disclosed must report the matter. Even if you have not been directly involved in the loss or disclosure, you are obliged to report the matter immediately.


If you have any questions, please contact us.

On this page