policy:data_privacy:privacy_and_security
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
policy:data_privacy:privacy_and_security [2019/03/28 16:44] – created tonyromero | policy:data_privacy:privacy_and_security [2019/05/20 17:22] (current) – old revision restored (2019/03/29 20:05) tonyromero | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Privacy and Security Policies and Procedures ====== | ====== Privacy and Security Policies and Procedures ====== | ||
- | - | + | - University HIPAA Policy [[http:// |
- | APS-6005 [[https:// | + | ===== Overview ===== |
- | - | + | Data privacy is a critical component of the School of Education & Human Development (SEHD) operations. The protection and management of the various types of student, staff, faculty, and research subject Personally Identifiable Information (PII) is critical to the SEHD's operations. SEHD computer systems and related devices collect and record data as required for educational delivery, management, administration, |
- | University | + | ===== Purpose ===== |
+ | |||
+ | <font 10pt/ | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ===== Applicable University-wide policies related the Data Privacy and Policies ===== | ||
+ | |||
+ | ==== University of Colorado IT Security Program | ||
+ | |||
+ | All data and information resources of the SEHD are subject to University of Colorado' | ||
+ | |||
+ | === The goals of the University IT Security policy are as follows: === | ||
+ | |||
+ | - All members of the University community are aware of and are sufficiently trained to carry out their responsibilities for protecting University Infromation and IT Resources. | ||
+ | - University information is regarded as a strategic organizational asset and is treated in a manner consistent with that of other strategic assets, such as financial and facility assets | ||
+ | - IT Secuity is not considered a technical concern, but is addressed as a strategic business issue by integrating IT security safeguards into University business processes. | ||
+ | - University resources are applied judiciously to IT security issues by focusing on those that represent the greatest risk to University operations and information. | ||
+ | - IT security incidents are promptly detected and responded to in a manner that limits the impact to the security of University information and the operations of the University. | ||
+ | |||
+ | Please proceed to [[https://www.cu.edu/ | ||
+ | |||
+ | ==== University of Colorado Denver Security Management HIPPA Policy ==== | ||
+ | |||
+ | As applicable, the most secure SEHD data are subject to the UCD Security Management HIPPA policy, [[http:// | ||
+ | |||
+ | === Purpose of the UCD Security Management HIPPA policy: === | ||
+ | |||
+ | This security policy outlines minimum standards for ensuring the confidentiality, | ||
+ | |||
+ | === Applicability of the UCD Security Management HIPPA policy === | ||
+ | |||
+ | While application of this policy to any sensitive data is considered "best practice" | ||
policy/data_privacy/privacy_and_security.1553791478.txt.gz · Last modified: 2019/03/28 16:44 by tonyromero