University Privacy Incident Response Program

The Office of Institutional Integrity (OII) leads East Carolina University’s (ECU) Privacy Incident Response Program. The primary purpose of the program is to investigate potential privacy incidents to determine if there has been an unauthorized acquisition, access, use, or disclosure of protected data. Additionally, OII works with relevant university leadership to ensure any reporting requirements under applicable laws, regulations, or contracts are met.

All members of East Carolina University (ECU) are responsible for protecting the confidentiality, integrity, and availability of data created, received, stored, transmitted, or otherwise used by the University, regardless of the medium or form of the data (e.g., electronic, paper, fax, CD, or other physical form). ECU is subject to various regulations that include notification requirements if/when there are suspected or confirmed data incidents.

Identifying and resolving privacy incidents in an organized manner is a crucial element of OII’s compliance programs. The ECU Privacy Incident Response Plan provides a structure for identifying, assessing, responding, communicating, and documenting an incident along with any corresponding remediation plans.

The goals of the ECU Privacy Incident Response Plan are:

  • Minimize negative consequences of information privacy incidents
  • Enable prompt incident response decisions by appropriate stakeholders
  • Proactively reduce the exposure of ECU to privacy incidents by employing consistent incident management and response processes that incorporate lessons learned from past incidents
  • Satisfy federal, state, and industry laws and regulations that require improved protection of sensitive and private information, and timely disclosure of potential breaches to affected individuals

Any known or suspected privacy event must immediately be reported to the ECU ITCS Helpdesk via phone 252-328-9866. This is the first step in mitigating an active privacy event and to initiate the University’s response to a reported privacy event. Individuals can also contact the Office of Institutional Integrity either via phone 252-744-5200 or email ECUPrivacy@ecu.edu after contacting the ITCS Helpdesk.