====== Securing Materials with Data ======

===== Applicable University of Colorado Denver Policies =====

==== University of Colorado IT Security Program Policy ====

All data and information resources of the SEHD are subject to University of Colorado's IT Security Program policy, [[https://www.cu.edu/ope/aps/6005|APS-6005]]. The policy states:

> University data centers and IT resourcesshall be sufficiently protected from physical and environmental threats to prevent the loss, damage, or compromise of assets, and interruption to business activities.

Examples of safeguards include:

  * Physical barriers such as walls, gates, locked doors
  * Access controls such as ID Cards, visitor escorts and logs, facility/equipment repair records
  * Environmental controls such as uninterruptible power supplies, generators, temperature and humidity systems, fire suppression units

==== University of Colorado Denver HIPPA Policy ====

The most secure SEHD data are subject to the [[http://www.ucdenver.edu/research/Research Administration Documents/9.5 Facility and Device Security.pdf|UCD Facility and Device Security HIPPA policy]]. The policy states

> It is the responsibility of UCD Directors of Electronic Security, Information Systems, Facility Operations, Human Resources, and all affected unit managers and supervisors to limit physical access to their electronic information systems and the facilities in which they are housed, while ensuring that properly authorized access is not delayed.