Breach Notification Procedures
Notification is required when the security of high risk personal non-public information is compromised per Vermont Statue, Act 162, An Act Relating to the Protection of Personal Information.
Purpose
The University's breach notification procedures are in place to ensure that University community members are informed when there is a breach in the security of their highly sensitive personal information. Following the discovery of a breach in the security of a system -- including theft of a computer in which computer forensic analysis indicates there is a reasonable expectation that unencrypted high risk personal non-public information has been viewed or taken, University policy is to notify all persons whose personal information might have been acquired by unauthorized persons.