Privacy Breach Reporting (for reporting suspected or actual privacy breaches) Related Policies and Procedures: Access to Records and Protection of Privacy and Access to Student Records and Protection of Privacy This form is to be completed by the appropriate school/department manager. Section 1: General InformationName of Individual Reporting First Last Email School/DepartmentDate of Incident MM slash DD slash YYYY Describe what happened, including how the incident was discoveredSection 2: ContainmentHave the records been contained or access to them stopped? Yes No Can you confirm that no copies have been made or retained by the individual(s) concerned who were not authorized to receive the information? Yes No If a system was breached, date the system was shut down MM slash DD slash YYYY If required, computer access codes or authorizations revoked or changed on MM slash DD slash YYYY Identify and describe any weaknesses in physical or electronic securityCorrective actions recommendedProvide the contact information for individual receiving unauthorized information (may be required for follow-up). If multiple individuals are involved, attach details in a separate sheet.First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneSection 3: Risk AssessmentWhat personal information was involved? List the specific data elements Format of records Electronic Soft copy Was information encrypted, anonymized, password protected or otherwise not easily accessible? Yes No Describe the physical or technical measures in place at the time of the breachSensitivity of the information High Medium Low In general, the more sensitive the personal information, the greater the harm to individuals from a privacy breach. High* e.g. health, financial, student or employment information, especially in combination Medium* e.g. opinion material Low* e.g. name and address only *Note these are general examples only; content also determines sensitivity Is this breach Isolated incident Systemic problem Please describeNumber of individuals affected from the breachProvide the contact information for any affected individuals (may be required for follow-up). If multiple individuals are involved, attach details in a separate sheet.First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAdd another contact? Yes No First NameLast NameEmail PhoneAffected individuals or groups Students Employees External Please describeIs there foreseeable harm from the breach? Yes No Unsure What harm could result from the breach? (check all that apply)Harm to individuals Risk to physical security Financial Loss Identity Theft Damage to Reputation/Relationship Other Please describeHarm to Durham College Loss of trust Damage to reputation Financial losses or exposure Legal proceedings Other Please describeHarm to Public Risk to public health Risk to public safety Other Please describePlease attach any files involved with this incident. Drop files here or Select files Accepted file types: docx, pdf, jpg, Max. file size: 49 MB, Max. files: 5. In accordance with Section 39(2) of the Freedom of Information and Protection of Privacy Act, 1990, the personal information collected on this form is collected under the legal authority of the Ontario Colleges of Applied Arts and Technology Act, 2002 and may be used and/or disclosed for various administrative, statistical and/or research purposes of the College and/or ministries and agencies of the Government of Ontario and the Government of Canada. If you have any questions about the collection, use and disclosure of your personal information by the College, please contact the Freedom of Information and Protection of Privacy Coordinator, 2000 Simcoe Street North, Oshawa, ON, L1G 0K5, 905.721.2000 ext. 3292. CAPTCHA
App Store
Google Play