Client Incident Management System (CIMS) privacy obligations for funded organisations

15 December 2023
Funded organisations should always take privacy incidents seriously and report them to line management as soon as the incident is identified or suspected.

The department is reminding funded organisations that when creating an incident report in CIMS, it is important to ensure that the correct organisation is selected. Choosing the incorrect organisation can result in a privacy breach.

When completing and submitting an incident report in CIMS, organisations should ensure all details are correct, relevant and accurate, including when selecting an option from the drop-down boxes.

Funded organisations who become aware of a privacy breach or concern in relation to the CIMS, should submit the incident on the DFFH Report an Incident website.