Skip to Navigation
Skip to Main Content
WV.gov
State Agency Directory | Online Services
West Virginia BRIM Privacy
West Virginia State Privacy Office
WV.gov
Navigation Menu
  • About
    • Annual Reports
  • Privacy Policies
  • Incident Response
  • Legal, FOIA, & HIPAA
    • Legal
    • Intersection of FOIA & Privacy
    • HIPAA
  • Privacy Impact Assessment
West Virginia State Privacy Office
Skip Navigation LinksPrivacy > Privacy Tips > Data Breaches

Data Breaches

Page Content

West Virginia Executive Branch
Privacy Tip


Question:

Security breach or data breach…Is there a difference?

Answer:

A “security breach” is generally defined as an “unauthorized access to and acquisition of data that compromises the security, confidentiality, or integrity of personal information maintained by the person or business.”

A “data breach” is generally defined as an unauthorized disclosure or mismanagement of information that compromises the security, confidentiality, or integrity of personally identifiable information (PII), such as Social Security numbers, name and addresses, date of birth, health care information and bank account information.

The term defined in the WV OT Information Security Policy is Security Incident – An event characterized by unexpected and unwanted system behavior, breach, or unintended alteration of data.

These terms are used interchangeably and reference various forms of information security breaches which generally include:

  • A hacker breaking into a network and stealing information.
  • A lost or stolen laptop that has someone's social security number.
  • A lost blackberry that has personal information about employees or customers.
  • A fax that includes financial information that's thrown away instead of shredded.
  • Theft of sensitive or confidential information by employees.

Sources cited:
National Institute of Standards and Technology
CMS – HIPAA Security Rule
WVOT Information Policy 

Contact Us | Site Map | Disclaimer | WV BRIM Policies