In the event of a compromise of confidential or sensitive data, contact the Office of Enterprise Risk Management.

Some example scenarios:

A laptop containing sensitive information is stolen (physical intrusion or theft).
Sensitive information is inadvertently posted on a web site without access restrictions (configuration error).
Access restrictions are inadvertently changed or removed, exposing the data (configuration error).
A system compromise raises questions as to the continuing confidentiality of the data (intrusion).
Key logging software or other spyware is found on a host (malware).

Please refer to the Data Breach Management policy (and related documents).

Compromise of Confidential or Sensitive Data