Lost or Stolen Equipment


Requirements and procedures are in support of governing Columbia University IT Policies and CUIMC Information Security Procedures.

Requirements

Notify proper authorities immediately

Contact your Certified IT Group or see the Information Security Office's Report an IT Security Event for help if needed. Reporting lost or stolen computers, smartphones, tablets, USB keys, portable hard drives and other equipment capable of storing protected electronic data is a vital step in preventing data breaches. 

Notify proper authorities IMMEDIATELY of loss or theft, especially if the device contained confidential and sensitive data. This includes PHI and PII data, and confidential institutional information. When unsure it is best to err on the side of caution. Remember almost all devices used to access email store copies of the email messages and any attachments.

Procedure

Any CUIMC provisioned equipment (computers, mobile devices, etc.) must be reported to the CUIMC Information Security Office by calling the Service Desk at 5-Help (212-305-4357), option 5. If equipment was provided by NYP, Columbia/Morningside or Weil Cornell please contact their IT support or check with a supervisor for any procedure.

Please include:

  1. Your name
  2. Your Columbia UNI
  3. Your current contact information (a working phone number and email)
  4. The type of device (include make and model if known)
  5. The device's serial and/or label numbers (if known)
  6. Whether the device was encrypted.  CITG staff reporting an incident should also provide details/proof of encryption, i.e. date completed, BitLocker key etc.

If equipment was used for Telehealth, the CITG must also email security@cumc.columbia.edu with the subject line "Lost or Stolen Device INC#" (INC# should be the ticket number created in ServiceNow).  If it was a computer please include the hostname.

If the Department of Public Safety and/or local authorities were contacted (see below), please include any report number.

Additional Guidelines

Reporting Missing Equipment

Items lost or stolen should be reported to the Department of Public Safety; let them know if PhoneHome tracking software was installed on a missing computer. Otherwise contact local law enforcement. Be sure to record any ticket or case number and contact information for reporting the incident. Faculty and staff should notify their Department Administrator of the missing equipment and type of data it contains.

Secure Accounts and Change Passwords

Change your passwords and secure other accounts - change passwords for email and other sites or applications that were accessed while using the device. Notify any banking or credit card companies regarding account information that may be compromised. Columbia UNI and CUIMC email /MC domain account passwords can be changed immediately online:

Please also follow Microsoft's instructions to Sign out of Office (OneDrive and other Office apps) from any web browser; steps are towards the bottom of their page.

Remote Data Wiping and BYOD

Data stored on some smartphones and other equipment may be able to be deleted remotely to help prevent data breaches. Verify whether this is possible with the group(s) you contact and how it should be done, procedures can vary based on the equipment and its prior use and set up. In most cases this will affect data that is has already been synced or backed up to a computer, or is kept on network storage or a server. Do not cancel phone service if a remote data wipe will be performed, as this will block the ability of remote deletion.

See help for: