GW Monogram

GW Privacy Office

 

Report a Data Incident

As outlined in the University's Privacy of Personal Information Policy, all members of the George Washington University (“GW”) community who have access to GW systems, networks, or data are responsible for promptly reporting any suspected, potential, or confirmed data incidents involving University non-public information. Timely reporting is critical to enable appropriate investigation, mitigation, and compliance with legal and institutional obligations.

A data incident may include, but is not limited to, unauthorized access, use, disclosure, loss, alteration, or destruction of non-public information. This may involve information stored or transmitted in any format, including electronic systems (such as computers, email, or cloud storage), physical records (such as paper files), portable devices, or publicly accessible platforms (such as websites).

Please use the form below to report any suspected or actual data incident involving University non-public information. When submitting a report, provide as much detailed and accurate information as possible to assist in the assessment and response process. 

Upon receipt, GW will review and investigate the reported incident in accordance with applicable policies, procedures, and legal requirements. This may include coordinating with relevant University offices—such as Information Technology, Information Security, Privacy Office, Office of General Counsel, and other appropriate departments—to assess the scope of the incident, take necessary containment and remediation measures, and determine whether notification or additional actions are required. 

All reports will be handled in a manner consistent with University policies and applicable laws. Individuals are encouraged to report concerns in good faith and without delay.

Note: if you are looking to report a data incident related to personal data maintained by either the GW Hospital or the GW Medical Faculty Associates (MFA), they are separate entities from the university, and have their own reporting channels. To report a privacy concern involving either the GW Hospital or the GW MFA, please see details below:

  • GW Hospital: A list of patient rights and responsibilities, points of contact, and how to report concerns involving GW Hospital can be found on the Patient Rights and Responsibilities webpage.
  • GW Medical Faculty Associates: The MFA's Privacy Team manages privacy concerns and inquiries related to the MFA. 

Information about the data incident or suspected data breach
CAPTCHA