Incident Report Form Information Security Incidents Report Form Departments and schools should use this form when reporting a computer security incident that involves sensitive university information. For help in completing this form contact the Information Security Office at infosec@wustl.edu. 1. Type of Incident Mark all that apply * Intrusion / Virus / Malicious Code Theft/Loss User Account Compromise Social Engineering/Phishing Other Please specify the type of incident If in the Med School, has this been reported to the HIPAA Privacy Office? Yes No Has this been reported to law enforcement? Yes (enter which department)Yes (enter which department) No Was the system/device password protected? Yes No Was the system/device encrypted? Yes No Was the data encrypted? Yes No 2. Description of Incident Describe the events of the incident * If this was a theft, also provide a description of the physical security of the machine 3. Contact Information Name * Email * Phone Number * Department/School 4. IT Contact Information Name * Department * Email Phone Number 5. Date and Time Incident Occurred Date of incident * Time of incident (ex: 5:30PM CST) * 6. Physical Location of Incident Include building and room number, if available * 7. Information Assessment Please describe in detail anything you know about the computer system, the data on the system, its use, who had access to it, how the system was used, protection mechanisms used on the system, etc. * Did this incident result in a compromise of sensitive university information to include ePHI, Employee, Financial, Research Data, or other confidential information? * Yes No If yes, please describe the type of data on the system If ePHI, mark any of the following 18 identifiers on the system that may apply. If no ePHI on system, please select "00. No ePHI ON SYSTEM" * 00. NO ePHI ON SYSTEM 1. Name 2. DOB 3. SSN 4. Address 5. Telephone Number 6. Email Address 7. Fax Number 8. Medical Record Number 9. Health Plan ID 10. Internet IP Address 11. Certificate Number 12. Device Identifiers 13. Photograph 14. Biometric Identifiers 15. Web Address (URL) 16. Vehicle Identifier 17. Account Numbers 18. Any other unique identifying number, characteristic or code 8. Information on Affected System Type of System IP Address Computer/Host-Name Operating System (i.e. Windows, iOS, OSX, Android, Linux) Captcha Submit If you are human, leave this field blank. Δ