Menu Help & How To Video Simulation Game Document & Resources Training Link Tag Search clock thumbs-up angle-up

What is a Data Breach?

Per the IRS Publication 1075, a data breach is a type of incident involving a loss, theft, or inadvertent unauthorized disclosure of FTI. A data breach is defined as the loss of control, compromise, unauthorized disclosure, unauthorized acquisition, or any similar occurrence where:

  • A person other than an authorized user accesses or potentially accesses FTI or,
  • An authorized user accesses or potentially accesses FTI for an other than authorized purpose.

Some examples of a data breach include:

  • A laptop is lost or stolen
  • A third party overhears employees discussing FTI
  • Documents containing FTI are lost during shipping
  • An authorized user sells information containing FTI
  • An authorized user accesses information containing FTI for their own personal use

CSS policy OAC-340-25-5-67 spells out how CSS limits disclosure of FTI. Instances of inappropriate access or misuse of confidential information including FTI should be reported to you supervisor.