Educause Security Discussion mailing list archives

Re: Vendor Contracts

From: "Grama, Joanna Lyn" <jgrama () PURDUE EDU>
Date: Wed, 18 Mar 2009 11:15:54 -0400

Dear Daniel,

The Educause  Security Task Force has posted a guide on data protection
contractual language.  It contains sample contractual language and is
available at:
https://wiki.internet2.edu/confluence/display/secguide/Data+Protection+C
ontractual+Language 

 

Regards,

Joanna Grama

 

 

Joanna Lyn Grama, J.D., CISSP
ITaP Networks and Security
Purdue University
Phone: 765-496-3970
E-mail: jgrama () purdue edu 

 

 

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Daniel Bennett
Sent: Tuesday, March 17, 2009 1:25 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Vendor Contracts

 

I am wondering how many institutions have their vendors that require IT
resources to sign an agreement of confidentiality, non-disclosure, etc?
Do you provide them with a copy of the Acceptable Use Policy? PCI-DSS?
HIPPA? FERPA?

 

I would be grateful if anyone could please send me a copy of your
agreement.

 

Thanks,

 

Daniel Bennett

IT Security Analyst

Security+

 

PA College of Technology

One College Ave

Williamsport PA 17701

(P) 570.329.4989

Current thread:

Vendor Contracts Daniel Bennett (Mar 17)
- <Possible follow-ups>
- Re: Vendor Contracts Willis Marti (Mar 18)
- Re: Vendor Contracts Grama, Joanna Lyn (Mar 18)