The purpose of this procedure is to ensure that the University follows a consistent process for handling and reporting situations where a computer, tablet or smartphone is lost or stolen.
When a computer, tablet or a smartphone is lost or stolen, there is always the possibility that the device holds information that is considered sensitive legally or by contract, or is otherwise considered sensitive by University policy. For those pieces of information, we are obliged to determine to the best of our ability what sensitive information may have been on the lost or stolen device, and if possible, to determine whose private information might be involved. Additionally, in case criminal activity is suspected, the appropriate Police authorities need to be involved as well.
If your University-owned computer is stolen or lost, perform the following as soon as you realize the equipment is missing:
- Click the following link to download form-ir001a-stolen-lost-uhcl-device.
- Fill in the answers to as many questions under bullet 1 on the form as you have the appropriate information available.
- Report the incident to the police department of the community where the incident took place. If on-campus, contact the University Police Department.
- Fill in the answers to the questions under bullet 2 of the form with the information that will be provided by the police department responding to the incident.
- Contact the following University areas and provide them with a copy of this completed form:
- The University Police (extension 2222)
- The University Information Security Officer (extension 2954 or firstname.lastname@example.org)
Note - Be prepared to discuss the types of information may be stored on the computer’s hard drive, especially any personally identifiable information (PII), e.g., Social Security numbers, employee/student ID numbers, birthdates, drivers’ license numbers, passport numbers or any other sensitive personal data.
IMPORTANT NOTE: Computer theft must be reported to UCT within one (1) working week as we must contact the tracking vendor within thirty days of the incident.