UW Privacy Office

Report an Incident

Contact uwprivacy@uw.edu or 206-616-1238 for potential events or incidents involving personal data or individually identifiable information. The UW Privacy Office will help manage the risk, assess the impact to the privacy of personal data or individually identifiable information regardless of form (paper or digital, within an infrastructure technology or information system), and will make the final determination of notification to individuals and outside parties.

Topics below:

  • Do and Don’t
  • What to report
  • What happens in the incident management process

Do and Don’t


 Do 

  • Ensure that all events/incidents involving personal data or individually identifiable information are reported to uwprivacy@uw.edu or 206-616-1238
  • Immediately isolate the affected system to prevent further intrusion, release of data, etc.
  • Document only information that has been substantiated
  • Mark documents as “draft” until finalized
  • Preserve all pertinent systems logs
  • Identify all systems and departments that connect to the affected system
  • Dispose of drafts and maintain final documents, including email, in accordance with the UW’s records management and retention requirements

Don’t

  • Communicate that there is a potential event/incident to individuals not directly involved in the incident management process
  • Delete, move, or alter files on the affected system
  • Contact or retaliate against the individual who may have caused the event/incident
  • Conduct your own forensic analysis

What to report


Please provide the following data when reporting an incident: 

  • When did the event/incident occur?
  • What type of data are involved?
  • Approximately how many identifiable records are involved?
  • In general, where do people with data at possible risk currently live (Washington State, other states, and/or other countries)?
  • Was the data encrypted?
  • What system(s), if any, are involved?
  • What organization(s) or unit(s) are involved?
  • Are there system logs that need to be preserved?
  • Is the system deemed critical to operations?
  • Who else at the UW knows or has been informed about the event/incident (identify by name)?

What happens in the incident management process?


The UW Privacy Office is responsible for providing oversight and direction for investigations and events/incidents involving personal data or individually identifiable information and for making the final determination of notification to individuals and outside parties.

For potential events or incidents involving personal data or individually identifiable information, the UW Privacy Office determines the extent or cause of the event/incident, and whether an event or incident is a data breach. As needed, the UW Privacy Office collaborates closely with other offices and individuals at the UW who are specifically trained in and responsible for providing forensic analyses, and with subject matter experts for laws or regulations that may relate to the data involved in the event/incident. Communication and notification to persons or third parties affected by an event/incident are made in accordance with this assessment process and the applicable legal, regulatory, or contractual requirements. Pertinent details of the event/incident are included in the final and official record for the UW to be maintained according to the records retention schedule.