1. When you become aware of a data breach you must immediately inform the University information compliance office. See https://www.information-compliance.admin.cam.ac.uk/data-protection#heading6 for advice and links to contact information.
They will liaise with the Information Commissioner’s Office and the School Information Governance Lead to deal with the matter
2. At the same time you must inform all relevant regulatory and internal bodies who have approved the research study. These may include, but are not limited to
- Internal Ethics Committees
- NRES – for guidance speak to the Clinical School Research Governance Officer
- MHRA – for guidance speak to the Clinical Trials Unit or Addenbrookes R&D
If you find a security breach on your security system you should inform the Clinical School Computing Service as soon as possible.