Re: Confidentiality agreements and IT staff

[David Grisham <Dgrisham () SALUD UNM EDU>]

UNM and our Health Science Center have IT staff sign an Information Stewardship agreement. We took this one step 
further here at the Hospitals and have an annual training on the information stewardship agreement for all management 
and staff. See "https://hospitals.health.unm.edu/intranet7/apps/doc_management/index.cfm?document_id=314 "
Cheers.-grish
David Grisham, Ph.D., CISM, CRISC
Manager, IT Security, UNM Hospitals

> > > David Seidl <dseidl () ND EDU> 3/29/2012 7:18 AM >>>
Folks,

I'm curious if you currently require all or most of your IT staff to sign a confidentiality agreement at hire on a 
recurring basis, and if so, what your reasons for doing so are.

We've had one in place for new hires for years, and our business staff has asked if we can dispense with it as a 
general requirement for all IT staff. I've done a bit of review, and can't find a direct requirement to point to for 
people who don't have direct compliance related assignments.

Thanks in advance for your feedback and comments!

David

David Seidl, CISSP, GCIH, GPEN
Director of Information Security
Office of Information Technologies
University of Notre Dame
Notre Dame, IN 46556
(574) 631-7305
dseidl () nd edu