Events that jeopardize the security and privacy of institutional and personal data will occur, in spite of the most vigilant efforts to minimize their occurrence. The University Information Policy Office responds to and investigates incidents related to misuse or abuse of Indiana University information and information technology resources, regardless of the campus or unit involved. This includes computer and network security breaches and unauthorized disclosure or modification of institutional or personal information. The role of the Incident Response team is to coordinate a consistent and effective response to such events. Each member of the university community should be watchful and prepared to report incidents.
Reporting incidents involving sensitive data
In the event of an incident concerning the possible exposure or loss of sensitive institutional or personal data, you must take immediate action to report the incident to UIPO as soon as the incident is suspected. For more information on reporting these incidents, see:
Reporting other types of suspected incidents
For incidents involving threats to personal safety or physical property, or illegal activities, immediately contact your campus police department. For non-emergency reports of information and information technology security or abuse incidents, send email to it-incident@iu.edu. If you are reporting an incident related to an email message you received (i.e. spam or phishing), please see:
Anonymous reporting hotline
In some cases, it may be desirable or prudent to report an incident anonymously. Indiana University Internal Audit has made arrangements with a third party to provide an anonymous reporting hotline. Information about the hotline is available at:
