Re: laws/regulations to comply with

[Stephen Vieira <savieira () CCRI EDU>]

Jason,

        That list can be gathered from a number of locations.  One example is the American Council on Education (ACE) 
for your web page. Another is the National Association of Independent Colleges and Universities (NAICU) (and its member 
general counsels who serve on NAICU’s Legal Services Review Panel) in trying to untangle federal data collection rules 
and other regulations. We have worked with associations (EDUCAUSE, ACE, NAICU, NACUBO, NAFSA: Association of 
International Educators; and the National Association of College and University Attorneys) as well as numerous 
individual universities.  Also try Kansas U., Ohio State U., and Indiana U. all out front with Information Management 
and Records Management

Steve


Stephen A. Vieira
Chief Information Officer
Executive Director of IT
The Community College of Rhode Island
400 East Avenue
Warwick, RI 02886
403-825-2004
cell: 508-965-8623



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Youngquist, Jason R.
Sent: Thursday, December 04, 2008 10:34 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] laws/regulations to comply with

We are working on writing more formalized policies for the institution.  What I'm looking for is a comprehensive set of 
law/regulations that an institution such as a college might need to comply with.  For example, HIPPA, PCI, Red Flag, 
FERPA, GLBA, CALEA, state & federal laws, etc.  Is there any definitive list somewhere or does anyone have any 
additional suggestions?


Thanks.
Jason Youngquist
Information Technology Security Engineer
Technology Services
Columbia College
1001 Rogers Street, Columbia, MO  65216
(573) 875-7334
jryoungquist () ccis edu
http://www.ccis.edu