====== Sanctions for Violations of Policies and Procedures ======

===== Applicable University of Colorado Denver Policies =====

==== University of Colorado IT Security Program Policy ====

All data and information resources of the SEHD are subject to University of Colorado's IT Security Program policy, [[https://www.cu.edu/ope/aps/6005|APS-6005]].

==== University of Colorado Denver HIPPA Policy ====

<font 14px/Arial,Helvetica,sans-serif;;inherit;;inherit>Any employee, student, trainee, or volunteer associated with UCD is</font><font 14px/Arial,Helvetica,sans-serif;;inherit;;inherit>responsible</font>for reporting known or suspected violations of the UCD privacy policies to the Privacy Officer and for reporting known or suspected violations of the UCD security policies to the Security Officer. Violations can be reported by e-mailing HIPAA@ucdenver.edu. If after an investigation the Privacy Officer determines a violation has taken place they will work with the appointing authority to determine the appropriate sanctions as detailed in [[http://www.ucdenver.edu/research/Research Administration Documents/1.5 Workforce Sanctions.pdf|UCD HIPPA Policy 1.5]].