What is a data security incident?
'A data security incident is an event that has the potential to affect the confidentiality, integrity, or availability of data held by the university in any format (digital and non-digital). Data security incidents can be caused by a variety of factors, affect different types of personal and/or confidential information and give rise to a range of actual or potential harms to individuals and entities or Maynooth University itself.
What type of incident should be reported as a data security incident?
Incidents that should be reported may include but are not be limited to
Theft or loss of the Maynooth University’s computer equipment, including:
- Desktop computers,
- Laptop computers,
- External hard drives,
- Compact disks/DVDs,
- Mobile devices,
- Thumb drives,
- Any other device or storage media (whether issued by Maynooth University or not, which may contain business records or personal identifiable information of any potential compromise of Maynooth University’s, staff, students, contractors, or affiliates).
Theft or loss of the Maynooth University’s physical print media, including:
- Documents containing confidential and/or personal information such as contracts, payslips, tax documents, medical documents, terms of business, or proposed terms of business.
Computer/network intrusions, data losses, or other compromises, including:
- The unauthorized access, viewing, copying, forwarding, or removal of electronically stored data; or
- Any other incidents that result/may result in unauthorized acquisition or release of any potential compromise of electronically stored university information.
Data transmission incidents, including:
- Inadvertent e-mail releases
- Unsecured data transmission