You may be trying to access this site from a secured browser on the server. Please enable scripts and reload this page.
Skip to Navigation
Skip to Main Content
State Agency Directory
Legal, FOIA, & HIPAA
Intersection of FOIA & Privacy
Privacy Impact Assessment
What is an incident? And what should I do if I think there’s been a privacy or security incident?
An incident is defined as “any event that compromises the security, confidentiality, or integrity of personally identifiable information (PII).” Even the very best privacy programs have incidents – we know that people make mistakes and PII becomes exposed. The best privacy programs prepare for incidents; workers know how to report mistakes and privacy officers know how to respond. Always notify your supervisor or manager immediately of a suspected incident!
If you know or suspect that an incident has occurred, be sure to contact the Office of Technology by one of the following methods:
E-mailing firstname.lastname@example.org with a subject line of “INCIDENT”
Going to the West Virginia Office of Technology (WVOT) Web Site at https://apps.wv.gov/ot/ir/Default.aspx, and filling out the online Incident Report Form
Contacting the WVOT Service Desk by phone at 304-558-9966 or 877-558-9966
Be prepared to supply the following information:
The date the incident occurred (if known) or was discovered
What PII was exposed
What steps (if any) have been taken to recover the PII
Any other information that may be relevant
For more information on recognizing and reporting incidents, visit the Incident Response page of the Privacy Office website www.privacy.wv.gov.
Note: Your agency/bureau/department/division may have specific requirements – always check your policies and procedures. If you have questions, contact your Privacy Officer.