http://www.legislation.gov.uk/id/eudn/2015/444

CHAPTER 1BASIC PRINCIPLES AND MINIMUM STANDARDS

Article 8Breaches of security and compromise of EUCI

1.

A breach of security occurs as the result of an act or omission by an individual which is contrary to the security rules laid down in this Decision and its implementing rules.

2.

Compromise of EUCI occurs when, as a result of a breach of security, it has wholly or in part been disclosed to unauthorised persons.

3.

Any breach or suspected breach of security shall be reported immediately to the Commission Security Authority.

4.

Where it is known or where there are reasonable grounds to assume that EUCI has been compromised or lost, a security inquiry shall be conducted in accordance with Article 13 of Decision (EU, Euratom) 2015/443.

5.

All appropriate measures shall be taken to:

(a)

inform the originator;

(b)

ensure that the case is investigated by personnel not immediately concerned with the breach in order to establish the facts;

(c)

assess the potential damage caused to the interests of the Union or of the Member States;

(d)

take appropriate measures to prevent a recurrence; and

(e)

notify the appropriate authorities of the action taken.

6.

Any individual who is responsible for a breach of the security rules laid down in this Decision may be liable to disciplinary action in accordance with the Staff regulations. Any individual who is responsible for compromising or losing EUCI shall be liable to disciplinary and/or legal action in accordance with the applicable laws, rules and regulations.