Skip to main content

Your university laptop was stolen. Now what?

Concordia employees are responsible for confidential information
June 15, 2015
|
By Shelagh Peden


In the case of a breach of sensitive information, advise your manager or supervisor and the Security Department immediately. In the case of a breach of sensitive information, advise your manager or supervisor and the Security Department immediately. | Photo by Concordia University

Imagine this scenario: You bring your laptop home to do some work one evening and in the middle of the night thieves break in to your house. You awake the following morning to discover that among the items they've made off with is the university’s laptop. Would you know what data had been compromised? Would you have any idea about what to do next?

For the most part, employees of the university know they’re responsible for their behaviour on campus and that they have responsibilities stated on their employment contracts, which they're obliged to fulfill. But what many don’t realize is that all employees are responsible for the confidentiality of university data in their possession, including electronic records, because it can have a serious impact on Concordia’s reputation and the extent to which the public perceives the institution as trustworthy.

Sensitive information includes any element or several elements that, when taken together, could identify an individual, such as a name, address, phone number, photo, Social Insurance Number (SIN), date and place of birth, health record, education history, degrees, employment history and marital status.

A breach is an incident involving a loss of control of secure data, unauthorized disclosure or access or theft. An information breach can also occur if the security of your computer is compromised. Perhaps you left it unlocked in a public area, or you accidentally share the wrong file.

In the case of a breach of sensitive information, advise your manager or supervisor AND the Security Department immediately. Security can be reached at ext. 3717 internally, or at 514-848-3717 from any phone.

Security will then activate the Sensitive Information Breach Response Team (SIBRT), which includes representatives from the Office of the General Counsel, Information and Instructional Technology Services, Security and University Communications Services, as well as Human Resources, the University Registrar and the Office of Research, as necessary.

If the incident includes theft, or if SINs are compromised, Security will inform the municipal police.

The SIBRT will assess the severity of the breach, collect and confirm facts around the incident and inform individuals affected by the breach. The team will also liaise with the Commission d’accès à l’information du Québec if necessary.

The faster a breach is reported, the better. So don’t delay. The Security Department and the SIBRT are here to help you.

Read the university’s official policies on Confidential Information (HR-36), the Emergency Release of Personal Information (SG-5), and the Protection of Personal Information (SG-9).

Check out Security’s Prevention page. They’ve got lots of tips to keep you, your identity and your belongings safe. 

 



Back to top

© Concordia University