Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SECURITY Digest - Federal Laws and IT

From: "Rosenthal, Jane E." <jer () KU EDU>
Date: Fri, 8 Nov 2013 17:30:59 +0000
Great topic everyone and wonderful resources.

My additional 2 cents is STOP THINK and GET COUNSEL.

1)  ARe you a public or private university?  (many publics that are State U may not be considered by their counsel as 
required to comply with other State's law (or foreign laws), depending.

2) Are you wanting a comprehensive listing of the potential federal laws that may apply to you?  That may be longer 
than you think and it also may depend on whether it's research or not, student or not, etc.

3)  do you really just want to start with a program design that addresses most requirements?  Carlos' chart is an 
excellent beginning/standard for many things.  Including oversight, responsibility or accountability?

Perhaps you need to consider an overriding/overarching program that views what you should generally be doing for most 
programs, and then consider where other programs might need more or less, rather than focusing on a single law with 
which to comply.  Mind you, having a mapping to the controls can be very, very helpful when there are questions or a 
specific program that may require specific controls.

So again what is it you're trying to accomplish with the review of laws?

FYI--COPPA does not apply to non-profits, so if you're a public, ask your counsel about their position on that.  I can 
tell you all day long and so can others, but at the end of the day, you want to follow the Counsel's direction (even if 
you're a lawyer), b/c that's their job for the institution.  There is always the should we comply even if we don't 
"have" consideration as well--that may be a community conversation.



Jane Rosenthal
Director | Privacy Office
Office of the Provost
The University of Kansas

Tel.  +1(785)864-9528 | Fax +1(785)864-4463
Email jer () ku edu | Web http://www.privacy.ku.edu/

The preceding information may be confidential.  If this message was sent to you in error, please accept my apologies, 
delete the message and attachments from your device and notify me of the error. Thank you.
________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of SECURITY 
automatic digest system [LISTSERV () LISTSERV EDUCAUSE EDU]
Sent: Thursday, November 07, 2013 11:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: SECURITY Digest - 6 Nov 2013 to 7 Nov 2013 (#2013-195)

[LISTSERV mailing list manager]<http://www.lsoft.com>   [LISTSERV 15.0] 
<http://listserv.educause.edu/cgi-bin/wa.exe?LIST=SECURITY>

SECURITY Digest - 6 Nov 2013 to 7 Nov 2013 (#2013-195)
Table of contents:

  *   FireEye?
  *   a question about having College ID number as part of directory information (7)
  *   FYI - Adobe account compromise (2)
  *   Checkpoint Vs. Palo Alto Vs. Fortinet
  *   Reminder: Deadline to Submit (2)
  *   FYI - Adobe account compromise
  *   Federal laws applicable to Universities (12)

  1.  FireEye?
     *   Re: FireEye? (11/07)
From: "Keller, Alex" <axkeller () STANFORD EDU>
  2.  a question about having College ID number as part of directory information
     *   a question about having College ID number as part of directory information (11/07)
From: Roy Galang <galang_roy () WHEATONCOLLEGE EDU>
     *   Re: a question about having College ID number as part of directory information (11/07)
From: "pmorley () mcdaniel edu" <pmorley () MCDANIEL EDU>
     *   Re: a question about having College ID number as part of directory information (11/07)
From: Roger A Safian <r-safian () NORTHWESTERN EDU>
     *   Re: a question about having College ID number as part of directory information (11/07)
From: Roy Galang <galang_roy () WHEATONCOLLEGE EDU>
     *   Re: a question about having College ID number as part of directory information (11/07)
From: Roger A Safian <r-safian () NORTHWESTERN EDU>
     *   Re: a question about having College ID number as part of directory information (11/07)
From: Chris Green <cmgreen () UAB EDU>
     *   Re: a question about having College ID number as part of directory information (11/07)
From: K <kshalla () UIC EDU>
  3.  FYI - Adobe account compromise
     *   Re: FYI - Adobe account compromise (11/07)
From: Brian Helman <bhelman () SALEMSTATE EDU>
     *   Re: FYI - Adobe account compromise (11/07)
From: "Keller, Alex" <axkeller () STANFORD EDU>
  4.  Checkpoint Vs. Palo Alto Vs. Fortinet
     *   Re: Checkpoint Vs. Palo Alto Vs. Fortinet (11/07)
From: Brian Helman <bhelman () SALEMSTATE EDU>
  5.  Reminder: Deadline to Submit
     *   Reminder: Deadline to Submit (11/07)
From: Valerie Vogel <vvogel () EDUCAUSE EDU>
     *   Re: Reminder: Deadline to Submit (11/07)
From: "Joel L. Rosenblatt" <joel () COLUMBIA EDU>
  6.  FYI - Adobe account compromise
     *   Re: FYI - Adobe account compromise (11/07)
From: Louis Aponte <louisaponte () WEBER EDU>
  7.  Federal laws applicable to Universities
     *   Federal laws applicable to Universities (11/07)
From: Francisco Pérez<francisco.perez12 () UPR EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: Michael Cole <mcole () CLARKU EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: "Carr, Michael G" <michael.carr () UKY EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: Tracy Beth Mitrano <tbm3 () CORNELL EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: Francisco Pérez<francisco.perez12 () UPR EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: Valerie Vogel <vvogel () EDUCAUSE EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: "Feehan, Patrick" <Patrick.Feehan () MONTGOMERYCOLLEGE EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: "Khan, Sam" <Sam_Khan () OUS EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: Carlos Lobato <clobato () NMSU EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: "Long, H Morrow" <morrow.long () YALE EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: "Shaw, David J" <shaw46 () PURDUE EDU>
     *   Re: Federal laws applicable to Universities (11/07)
From: Dan Han <s2dhan () VCU EDU>




Browse the SECURITY online archives.<http://listserv.educause.edu/cgi-bin/wa.exe?LIST=SECURITY>


[Anti-Virus 
Filter]<http://www.lsoft.com/products/default.asp?item=secured-by-FS&host=LISTSERV.EDUCAUSE.EDU&wa=http://listserv.educause.edu/cgi-bin/wa.exe>
 [Powered by the LISTSERV Email List Manager] <http://www.lsoft.com/products/listserv-powered.asp>
Previous By Date Next
Previous By Thread Next

Current thread: