Educause Security Discussion mailing list archives
Re: Data "Sharing" Policy
From: Chuck Keeler <keeler_c () MITCHELL EDU>
Date: Fri, 2 Sep 2011 13:20:09 -0400
This is interesting to me as well … I am working on one now … not ready for prime time yet and I would be interested to see what others are doing … we have expanded ours to include data ownership and responsibilities. ___________________________________ Charles Keeler Mitchell College Office of Information Technology Chief Technology Officer • (860) 701-5254 • mailto:keeler_c () mitchell edu From: Kevin Casey <CaseyK () HUSSON EDU<mailto:CaseyK () HUSSON EDU>> Reply-To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Fri, 2 Sep 2011 10:40:09 -0400 To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: [SECURITY] Data "Sharing" Policy Good morning. Does anyone have a written policy they could share governing how sensitive data should "move" across your organization? We have a situation where individuals/departments are (for example) collecting info from prospective students on their own via the Web. We need a policy that not only addresses this use of home-grown forms, but also sending sensitive info via (unencrypted) email, etc., and even via non-digital means (e.g. applications with SS#s in a briefcase taken off campus). We also need to define what "sensitive," "confidential," etc. means in the context of data.... We have an "acceptable use" policy that mentions this topic, but with inadequate specificity. Thanks, Kevin __________________________________________ Kevin Casey Executive Director Information Resources Phone: (207) 941-7123 Fax: (207) 941-7988 caseyk () husson edu<mailto:caseyk () husson edu> Husson University www.husson.edu<http://www.husson.edu/> IMPORTANT WARNING: The information in this message (and the documents attached to it, if any) is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken, or omitted to be taken, in reliance on it is prohibited and may be unlawful. If you have received this message in error, please delete all electronic copies of this message (and the documents attached to it, if any), destroy any hard copies you may have created and notify me immediately by replying to this email. Thank you.
Current thread:
- Federal Rules of Evidence Daniel Bennett (Sep 05)
- Re: Federal Rules of Evidence Semmens, Theresa (Sep 05)
- Data "Sharing" Policy Kevin Casey (Sep 05)
- Re: Data "Sharing" Policy Hugh Burley (Sep 05)
- Re: Data "Sharing" Policy Chuck Keeler (Sep 05)
- Re: Data "Sharing" Policy randy marchany (Sep 05)
- Re: Data "Sharing" Policy Mclaughlin, Kevin (mclaugkl) (Sep 05)
- Data "Sharing" Policy Kevin Casey (Sep 05)
- Re: Data "Sharing" Policy Bob Kalal (Sep 05)
- Re: Data "Sharing" Policy Joel Rosenblatt (Sep 05)
- Re: Federal Rules of Evidence Semmens, Theresa (Sep 05)
- Re: Federal Rules of Evidence Bradley, Stephen W. Mr. (Sep 05)
- Re: Federal Rules of Evidence Mclaughlin, Kevin (mclaugkl) (Sep 05)
- Re: Federal Rules of Evidence Stephen C. Gay (Sep 05)
- Re: Federal Rules of Evidence Chuck Keeler (Sep 05)
- Re: Federal Rules of Evidence Daniel Bennett (Sep 05)