Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sample Notification Letter to Affected Parties related to IT Data Breaches

From: Cathy Hubbs <hubbs () AMERICAN EDU>
Date: Wed, 2 Jan 2013 13:47:20 -0500
Carlos,
The EDUCAUSE Security Guide has a great Data Incident Notification Toolkit 
available at 
https://wiki.internet2.edu/confluence/display/itsg2/Data+Incident+Notification+Toolkit

Section 2 discusses constructing a Data Notification letter and includes 
links to several University's samples.

Best wishes,

Cathy

Cathy Hubbs
Chief Information Security Officer
Office of Information Technology 
American University




From:   Carlos Lobato <clobato () NMSU EDU>
To:     SECURITY () LISTSERV EDUCAUSE EDU, 
Date:   01/02/2013 01:39 PM
Subject:        [SECURITY] Sample Notification Letter to Affected Parties 
related to IT Data Breaches
Sent by:        The EDUCAUSE Security Constituent Group Listserv 
<SECURITY () LISTSERV EDUCAUSE EDU>



All,
 
We are in the process of establishing a policy, plan and procedures 
related to computer security incidents and data breaches and as part of 
our procedures we would like to include a sample notification letter to 
affected parties.  If your institution has a sample letter that you have 
sent in the past to affected parties and consider it a best practice we 
would appreciate it if you would share a copy of said sample letter with 
us.
 
Thanks in advance,
 
Carlos
 
Carlos S. Lobato, CISA, CIA
IT Compliance Officer
 
New Mexico State University
Information and Communication Technologies
MSC 3AT PO Box 30001
Las Cruces, NM  88003
 
Phone (575) 646-5902
Fax (575) 646-5278
Previous By Date Next
Previous By Thread Next

Current thread: