The UFIT Information Security Office responds to and investigates information security incidents related to misuse or abuse of university information and information technology resources. An information security incident is defined as an event, whether electronic, physical or social that adversely impacts the confidentiality, integrity or availability of University of Florida data or information systems; or a real or suspected action, inconsistent with University of Florida Privacy or Acceptable Use policies.

Information security incidents can be reported to the UFIT Information Security Office by sending an email to or calling 352-273-1344

Please be sure to follow the Incident Response Procedures – First Steps when responding to incidents.

For more information about information security incident management at the University of Florida see UFIT Security Incident Response Procedures, Standards, and Guidelines.

Reporting HIPAA violations or the exposure of restricted data

HIPAA violations or the potential unauthorized exposure of UF Restricted Data such as Protected Health Information (PHI) or Personal Identification Information (PII) must be reported to the UF Privacy Office.

Reporting spam, phishing, or email abuse