Skip to Main Content

Data Breach Online Submission

Requirement

Section 8-4-119, Tennessee Code Annotated, requires state agencies to notify the Comptroller of the Treasury of any confirmed or suspected unauthorized acquisition of computerized data and any confirmed or suspected breach of a computer information system or related security system established to safeguard the data and computer information system.

This report should be made within five (5) working days after confirming or suspecting the unauthorized acquisition or breach.  A state agency is not required to notify the Comptroller of the Treasury of individual occurrences of malware or spyware unless such occurrence led to the unauthorized acquisition of computerized data or compromises a security system established to safeguard data and computer information system.  The information received is part of the Comptroller of the Treasury’s confidential working papers and therefore shall not be an open record pursuant to Section 10-7-504(a)(22), Tennessee Code Annotated.

Instructions

A notification may be submitted online by clicking on the link below. Please note that progress cannot be saved so all information needed to complete the form should be available prior to beginning the submission process. An example of the required information can be referenced here.  A copy of the report may be printed prior to submission. However, once the submit button is selected, the print option is no longer available.