skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view


The University of Greenwich has faced a challenging week following a significant data protection breach. While the incident is a setback for the institution, it is a timely reminder for the rest of the industry that data protection is more than a set of standards and processes that once codified can be stored away. The likelihood is that every institution will be faced with a data breach of its own, big or small, at some point. It is in how and the speed with which the institution deals with the incident that increasingly defines the success of data protection processes.

An incident response plan is the best tactic

The University of Greenwich’s accidental publication of students’ personal data highlights the fact that ensuring security and privacy is more than just having the right technology and processes in place. Incidents such as these underscore not only the risks of human error, but also the repercussions for institutions that fail to check content before publishing.

Students’ personal data was published alongside public data on the running of the university. The breach was spotted by students which led the university to take action. It apologized, took the documents offline, and is working with Google to delete cached versions. Additionally, it is contacting all the students affected by the data breach and is conducting an investigation as part of a “robust review” of the incident. The university has pledged to publish the findings and recommendations.

The higher education industry is tight-knit as well as highly competitive, which means reputation is key. Ovum believes that, when issues such as these occur, it is important that institutions respond to their constituents immediately, keep them apprised of the remedial action being undertaken, and offer advice on how to deal with the anticipated consequences, in order to uphold their reputation. Data breaches are unsatisfactory events. However, having a contingency plan helps institutions to manage mistakes better and limit any reputational damage, as well as damage to those whose data has been released.


Further reading

“Hobsons acquisition of PAR will boost its capacity to support student retention and outcomes,” IT0008-000263 (February 2016)

Enterprise Case Study: Moving to a Higher Level of Operational Performance, IT0008-000261 (January 2016)

“Security breaches will push enterprise cloud adoption,” IT0020-000165 (November 2015)


Navneet Johal, Research Analyst, Education Technology

Recommended Articles


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now