Educause Security Discussion mailing list archives
Re: SECURITY Digest - Federal Laws and IT
From: "Rosenthal, Jane E." <jer () KU EDU>
Date: Fri, 8 Nov 2013 17:30:59 +0000
Great topic everyone and wonderful resources. My additional 2 cents is STOP THINK and GET COUNSEL. 1) ARe you a public or private university? (many publics that are State U may not be considered by their counsel as required to comply with other State's law (or foreign laws), depending. 2) Are you wanting a comprehensive listing of the potential federal laws that may apply to you? That may be longer than you think and it also may depend on whether it's research or not, student or not, etc. 3) do you really just want to start with a program design that addresses most requirements? Carlos' chart is an excellent beginning/standard for many things. Including oversight, responsibility or accountability? Perhaps you need to consider an overriding/overarching program that views what you should generally be doing for most programs, and then consider where other programs might need more or less, rather than focusing on a single law with which to comply. Mind you, having a mapping to the controls can be very, very helpful when there are questions or a specific program that may require specific controls. So again what is it you're trying to accomplish with the review of laws? FYI--COPPA does not apply to non-profits, so if you're a public, ask your counsel about their position on that. I can tell you all day long and so can others, but at the end of the day, you want to follow the Counsel's direction (even if you're a lawyer), b/c that's their job for the institution. There is always the should we comply even if we don't "have" consideration as well--that may be a community conversation. Jane Rosenthal Director | Privacy Office Office of the Provost The University of Kansas Tel. +1(785)864-9528 | Fax +1(785)864-4463 Email jer () ku edu | Web http://www.privacy.ku.edu/ The preceding information may be confidential. If this message was sent to you in error, please accept my apologies, delete the message and attachments from your device and notify me of the error. Thank you. ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of SECURITY automatic digest system [LISTSERV () LISTSERV EDUCAUSE EDU] Sent: Thursday, November 07, 2013 11:00 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: SECURITY Digest - 6 Nov 2013 to 7 Nov 2013 (#2013-195) [LISTSERV mailing list manager]<http://www.lsoft.com> [LISTSERV 15.0] <http://listserv.educause.edu/cgi-bin/wa.exe?LIST=SECURITY> SECURITY Digest - 6 Nov 2013 to 7 Nov 2013 (#2013-195) Table of contents: * FireEye? * a question about having College ID number as part of directory information (7) * FYI - Adobe account compromise (2) * Checkpoint Vs. Palo Alto Vs. Fortinet * Reminder: Deadline to Submit (2) * FYI - Adobe account compromise * Federal laws applicable to Universities (12) 1. FireEye? * Re: FireEye? (11/07) From: "Keller, Alex" <axkeller () STANFORD EDU> 2. a question about having College ID number as part of directory information * a question about having College ID number as part of directory information (11/07) From: Roy Galang <galang_roy () WHEATONCOLLEGE EDU> * Re: a question about having College ID number as part of directory information (11/07) From: "pmorley () mcdaniel edu" <pmorley () MCDANIEL EDU> * Re: a question about having College ID number as part of directory information (11/07) From: Roger A Safian <r-safian () NORTHWESTERN EDU> * Re: a question about having College ID number as part of directory information (11/07) From: Roy Galang <galang_roy () WHEATONCOLLEGE EDU> * Re: a question about having College ID number as part of directory information (11/07) From: Roger A Safian <r-safian () NORTHWESTERN EDU> * Re: a question about having College ID number as part of directory information (11/07) From: Chris Green <cmgreen () UAB EDU> * Re: a question about having College ID number as part of directory information (11/07) From: K <kshalla () UIC EDU> 3. FYI - Adobe account compromise * Re: FYI - Adobe account compromise (11/07) From: Brian Helman <bhelman () SALEMSTATE EDU> * Re: FYI - Adobe account compromise (11/07) From: "Keller, Alex" <axkeller () STANFORD EDU> 4. Checkpoint Vs. Palo Alto Vs. Fortinet * Re: Checkpoint Vs. Palo Alto Vs. Fortinet (11/07) From: Brian Helman <bhelman () SALEMSTATE EDU> 5. Reminder: Deadline to Submit * Reminder: Deadline to Submit (11/07) From: Valerie Vogel <vvogel () EDUCAUSE EDU> * Re: Reminder: Deadline to Submit (11/07) From: "Joel L. Rosenblatt" <joel () COLUMBIA EDU> 6. FYI - Adobe account compromise * Re: FYI - Adobe account compromise (11/07) From: Louis Aponte <louisaponte () WEBER EDU> 7. Federal laws applicable to Universities * Federal laws applicable to Universities (11/07) From: Francisco Pérez<francisco.perez12 () UPR EDU> * Re: Federal laws applicable to Universities (11/07) From: Michael Cole <mcole () CLARKU EDU> * Re: Federal laws applicable to Universities (11/07) From: "Carr, Michael G" <michael.carr () UKY EDU> * Re: Federal laws applicable to Universities (11/07) From: Tracy Beth Mitrano <tbm3 () CORNELL EDU> * Re: Federal laws applicable to Universities (11/07) From: Francisco Pérez<francisco.perez12 () UPR EDU> * Re: Federal laws applicable to Universities (11/07) From: Valerie Vogel <vvogel () EDUCAUSE EDU> * Re: Federal laws applicable to Universities (11/07) From: "Feehan, Patrick" <Patrick.Feehan () MONTGOMERYCOLLEGE EDU> * Re: Federal laws applicable to Universities (11/07) From: "Khan, Sam" <Sam_Khan () OUS EDU> * Re: Federal laws applicable to Universities (11/07) From: Carlos Lobato <clobato () NMSU EDU> * Re: Federal laws applicable to Universities (11/07) From: "Long, H Morrow" <morrow.long () YALE EDU> * Re: Federal laws applicable to Universities (11/07) From: "Shaw, David J" <shaw46 () PURDUE EDU> * Re: Federal laws applicable to Universities (11/07) From: Dan Han <s2dhan () VCU EDU> Browse the SECURITY online archives.<http://listserv.educause.edu/cgi-bin/wa.exe?LIST=SECURITY> [Anti-Virus Filter]<http://www.lsoft.com/products/default.asp?item=secured-by-FS&host=LISTSERV.EDUCAUSE.EDU&wa=http://listserv.educause.edu/cgi-bin/wa.exe> [Powered by the LISTSERV Email List Manager] <http://www.lsoft.com/products/listserv-powered.asp>
Current thread:
- Re: SECURITY Digest - Federal Laws and IT Rosenthal, Jane E. (Nov 08)