Educause Security Discussion mailing list archives

Re: Federal laws applicable to Universities


From: Tracy Beth Mitrano <tbm3 () CORNELL EDU>
Date: Thu, 7 Nov 2013 21:03:01 +0000

Michael beat me to the punch with a better list, but here are some big hitters I was pulling up for you when his
message came in. Links are not definitive for implementation, just an idea of what it is about.

Don't forget FISMA:  http://csrc.nist.gov/drivers/documents/FISMA-final.pdf

and HITECH:  http://www.hhs.gov/ocr/privacy/hipaa/administrative/enforcementrule/hitechenforcementifr.html

and GLBA:  http://www.hhs.gov/ocr/privacy/hipaa/administrative/enforcementrule/hitechenforcementifr.html

Tracy


On Nov 7, 2013, at 3:43 PM, Francisco Pérez <francisco.perez12 () UPR EDU> wrote:

I know that FERPA, HIPAA (if healthcare data) and maybe PCI are applicable to Universities in the US. But are there any
other federal laws applicable or that Universities need to comply with? Just working on fundamental laws for IT
Compliance at Universities.

Will appreciate your comments.

--
Francisco Pérez
Information System Office
UPR-Medical Sciences Campus
francisco.perez12 () upr edu
www.rcm.upr.edu


