KI 0787 Who should report breaches of information security and privacy

Anyone who discovers a breach of information security and privacy is obliged to report.

This applies to all students and employees at UiB and this is stated in the Management System for Information Security and Privacy (SIP). In the Governing Part, section 4.10, Employees and students state the following:
All users of the systems at UiB, as well as those who process personal data, have a responsibility to ensure information security and ensure the protection of privacy in connection with the performance of their own work.
Everyone is obliged to report deviations in the event of a breach of information security or the Personal Data Act as soon as they are made aware of the deviation. Deviations are reported in accordance with current guidelines for deviation reporting at UiB.