Re: Federal laws applicable to Universities

[Dan Han <s2dhan () VCU EDU>]

Aside from what was mentioned already, If you are involved in research,
don't forget the export control laws (ITAR, EAR, OFAC regulations) as well.

Also PPRA, COPPA if research with minors are involved.

FTC has the Red Flag rule, section 5, Stares usually has its own data
protection laws. The list goes on and on...

I always tell people that Higher ed is pretty much regulated by nearly all
regulations under the sun... Except for SOX, even the requirements there
have somewhat permeated into higher ed.


Dan Han
VIrginia Commonwealth University

On Thursday, November 7, 2013, Francisco Pérez wrote:

> I know that FERPA, HIPAA( if healthcare data) and maybe PCI are applicable
> to Universities on the US. But there is any other federal laws applicable
> or that Universities need to comply with?. Just working on fundamental laws
> for IT Compliance on Universities.
>
> Will appreciate your comments.
>
> --
> *Francisco Pérez*
> Information System Office
> UPR-Medical Sciences Campus
> francisco.perez12 () upr edu <javascript:_e({}, 'cvml',
> 'francisco.perez12 () upr edu');>
> www.rcm.upr.edu
>
> Confidentiality Notice: Any use, review, distribution or copying of this
> communication by anyone other than the named recipient(s) is strictly
> prohibited. Please notify the sender immediately by e-mail if you have
> received this e-mail by error and delete this e-mail from your system.
>
> Please print this email only when necessary.


-- 
Dan Han
Virginia Commonwealth University

Sent from my mobile device