Understand and report IT security incidents
UMHS faculty and staff can help maintain information security at our health system by recognizing and reporting security incidents.
An information security incident is any attempt, successful or not, to access, disclose, modify or destroy information on a computer system without appropriate authorization.
- Unauthorized use or access to data containing protected health information (PHI) or other sensitive information (e.g. computer hacking, access obtained from a stolen password, etc.)
- Loss or theft of a mobile device, a laptop, or a flash/thumb drive containing PHI or other sensitive information
- Failure to appropriately destroy electronic data so that it is rendered completely unusable
Signs of possible information security incidents include, but are not limited to, the following:
- User denied access to a system or application unexpectedly
- Account lockouts or password resets that the user did not initiate
- Suspicious emails in a user’s inbox, sent, or trash folder
- Unexpected software or system behavior
Even if you think it is insignificant, an incident may be part of a larger issue, and the information you provide may help the IT Security team understand a complex situation.
How Do I Report a Security Incident?
Immediately report a suspected or actual security incident to your IT Service Desk.
- MCIT Customers: Call (734) 936-8000
- MSIS Customers: Call (734) 763-7770