Educause Security Discussion mailing list archives
Re: Faculty handling of student data
From: "Basgen, Brian" <bbasgen () PIMA EDU>
Date: Mon, 30 Jun 2008 13:13:27 -0700
I'm trying to draw out whether or not institutions make any kind of exceptions/distinctions for faculty use. For example, we have a large number of adjunct faculty, who do not have dedicated offices/computers. Therefore, it isn't uncommon for them to use their own laptop. Similarly, faculty may have local grade tabulations, or perhaps take a stack of exams home to grade. Thus, we are looking to build our policy around the way that faculty works, yet manage it with reason. A lot of what I see is a sensible approach for staff, but doesn't seem to address the unique needs of faculty.
-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mark Houpt Sent: Monday, June 30, 2008 12:01 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Faculty handling of student data We tie this in with our Corporate Computing and Information Security Policy. In that we have "data classification" levels and proper handling of that data is dictated by the classification level, not the system it is on or situation it is in. For example, if we have a confidential piece of information that level has a dictated set of handling characteristics
/
instructions that include data must remain encrypted at all times, No dissemination to non-LCCS personnel without a signed Non Disclosure Agreement (NDA) etc. Mark A. Houpt Director of Campus Technology Lincoln Christian College and Seminary 100 Campus View Dr Lincoln IL. 62656 (217) 732-3168 http://www.lccs.edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Basgen, Brian Sent: Monday, June 30, 2008 1:36 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Faculty handling of student data I'm wondering how institutions address the issue of faculty handling student data, in the sense of faculty using personal laptops, or
taking
student data home with them during the semester, etc. Our general approach is to tie this into our institutional Acceptable Use policy, and draw a distinction between legitimate academic use and otherwise prohibited behavior. Having looked around a bit, I haven't been able to find the approach others have taken. I'm not sure if this is because institutions aren't specifically addressing this issue, or if I'm just not looking in the right places. Any and all input appreciated, thanks! :) ~~~~~~~~~~~~~~~~~~ Brian Basgen Information Security Pima Community College ______________________________________________________________________ This email has been scanned by the LCCS Email Security System. ______________________________________________________________________
Current thread:
- Faculty handling of student data Basgen, Brian (Jun 30)
- <Possible follow-ups>
- Re: Faculty handling of student data Di Fabio, Andrea (Jun 30)
- Re: Faculty handling of student data Payne, Shirley (scp8b) (Jun 30)
- Re: Faculty handling of student data Mark Houpt (Jun 30)
- Re: Faculty handling of student data Valdis Kletnieks (Jun 30)
- Re: Faculty handling of student data Payne, Shirley (scp8b) (Jun 30)
- Re: Faculty handling of student data Basgen, Brian (Jun 30)
- Re: Faculty handling of student data Payne, Shirley (scp8b) (Jun 30)