University of Vermont

Information Technology

How to Report Information Technology Concerns

How to Report Information Technology Concerns

If you know of something related to technology at UVM that might put personal information at risk, that seems contrary to policy or law, or that raises ethical concerns, how can you let the right person or group know about it?  Here are suggested ways of reporting some common concerns, including information security incident reports.

If you know of...

Please report by...

For more information

Computer or information technology security incident or breach

A security or data breach is any incident in which sensitive or confidential data are exposed, or are at risk of exposure to unauthorized persons.  High risk personal non-public information is of greatest concern.

Normal business use by employees or University business partners does not constitute a computer security breach.

For example:

  • Loss or theft of a computer
  • Loss or theft of a portable device such as a phone, a hard drive, a USB flash ("thumb" or "pen") drive, a CD or DVD
  • Release or publication of sensitive or confidential data, whether intentional or accidental, such as on web pages or listserv postings
  • An unauthorized person having unsupervised access to a University employee's computer
  • An unauthorized person gaining control of a University computer, whether directly (for example, through hacking) or indirectly (by creating and distributing malware such as viruses, trojans, and botnets)

Call (toll-free) 866-236-5752 or Email iso@uvm.edu

Data Breach Notification Policy (PDF)

Phishing and other attempts to steal UVM credentials (Network-IDs, passwords) or UVM information

Forward email as an attachment with full headers to abuse@uvm.edu

Look for alerts posted on the UVM IT web site

Scams, phishing, and spam not involving UVM credentials or information

Forward email as an attachment with full headers to is-spam@labs.sophos.com and
spam@uce.gov

Federal Trade Commission

Abuse, violations of law or UVM IT policies

Email abuse@uvm.edu

IT Policies

Unethical use of technology

Examples include:

  • Unauthorized manipulation or deletion of either sensitive data or non-sensitive data
  • Data privacy and integrity
  • HIPAA
  • Inappropriate use of technology
  • Intellectual property infringement

Ethics and Compliance Reporting

Privacy Concerns

See the Procedures section of UVM's Privacy policy (PDF)

Copyright and other DMCA infringements

Email copyright@uvm.edu

Copyright Infringement

None of the above? Not sure whether or how to report something?

Call (toll-free) 866-236-5752 or Email iso@uvm.edu

Information Security Office site

Last modified August 30 2019 11:37 AM

Accessibility | Privacy/Terms of Use | Contact UVM © 2020 The University of Vermont - Burlington, VT 05405 - (802) 656-3131