Educause Security Discussion mailing list archives

Re: GDPR Question

From: Adam Menos <amenos () ARTIC EDU>
Date: Tue, 9 Jan 2018 14:12:08 -0600

 

 

ISACA had provided this template for GDPR. 

Adam Menos
Director of Information Security 

116 S Michigan Ave | Chicago, IL 60603
Office: 312.499.4031
 <mailto:amenos () artic edu> amenos () artic edu

 <http://www.artic.edu/> AIC     <http://www.saic.edu/> SAIC
 <http://www.artic.edu/> 
**** No member of the Information Services Department will ever request
password information via email ! Please contact TSS or CRIT Help Desk should
you receive such a request. ****

 

 

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joanna Grama
Sent: Monday, January 8, 2018 5:52 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] GDPR Question

 

I echo Chris' comments about the NACUA GDPR presentation at their annual
meeting. It was quite informative!

 

Some of those same attorneys presented at the EDUCAUSE annual conference
this past fall as well. You can find their handouts at the bottom of this
page:
https://events.educause.edu/annual-conference/2017/agenda/the-new-eu-general
-data-protection-regulations-what-it-specialists-need-to-know

 

Kind regards,

Joanna

 

 

Joanna Grama, JD, CISSP, CRISC, CIPT
Director of Cybersecurity and IT GRC Programs

 

EDUCAUSE
Uncommon Thinking for the Common Good
282 Century Place, Suite 5000, Louisville, CO 80027
direct: 720.406.6769 |  <mailto:jgrama () educause edu> jgrama () educause edu 

 

Become a Member- Everyone at your organization is an EDUCAUSE member when
you join | Access discounts, resources, and valuable peer networks |
Discover membership <https://www.educause.edu/about/discover-membership> 

 

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Chris Garriss
Sent: Monday, January 8, 2018 4:47 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] GDPR Question

 

National Association of College and University Attorneys had a quite nice
presentation at their annual meeting last year that addressed this very
issue.  Short answer - anyone in EU, citizen or no, is covered.  This
includes study abroad, and can raise some interesting issues.

On 1/8/2018 9:50 AM, Pardonek, Jim wrote:

Good Morning,

 

We have been having some discussions regarding what population's records are
subject to GDPR.  The discussion centers around whether or not the records
of US citizens that study abroad fall under GDPR.  Some say it's only those
who are citizens of the EU.  Is there any guidance on this topic?

 

Thanks and have a great day.

 

Jim

 

James Pardonek, MS, CISSP, CEH

Information Security Officer
Loyola University Chicago 
1032 W. Sheridan Road | Chicago, IL  60660

(: (773) 508-6086

 

Loyola University Chicago will never ask your for your username or password.

For the lastest information security news at Loyola, please follow us
online,

Twitter: @LUCUISO

Facebook:  <https://www.facebook.com/lucuiso/>
https://www.facebook.com/lucuiso/

Our Blog http://blogs.luc.edu/uiso/

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joanna Grama
Sent: Monday, October 2, 2017 9:16 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] October 24 GDPR Webinar from Tambellini Group and
EDUCAUSE

 

Good morning,

Many of us continue to struggle with understanding the scope and finer
points of the EU GDPR and its application to US higher education
institutions. To that end, EDUCAUSE and the Tambellini Group have been
working together to share more information on this topic and we are pleased
to announce an upcoming webinar that you may be interested in.

 

The jointly sponsored webinar will be held on Tuesday, October 24, 2017,
from 1-2pm ET.  You can register for the webinar and read more about the
webinar content here:
<https://marketing.thetambellinigroup.com/acton/media/10722/gdpr-and-us-high
er-education-institutions-webinar>
https://marketing.thetambellinigroup.com/acton/media/10722/gdpr-and-us-highe
r-education-institutions-webinar

 

As GDPR questions have been coming up on our various EDUCAUSE lists, we have
been sharing those questions with the Tambellini group so that they can be
specifically addressed in the upcoming webinar.

 

Kind regards,

Joanna 

 

(This message has been cross posted on the EDUCAUSE security, privacy, and
IT GRC discussion listservs.)

 

Joanna Grama, JD, CISSP, CRISC, CIPT
Director of Cybersecurity and IT GRC Programs

 

EDUCAUSE
Uncommon Thinking for the Common Good
282 Century Place, Suite 5000, Louisville, CO 80027
direct: 720.406.6769 | cell: 720.507.5983 |  <mailto:jgrama () educause edu>
jgrama () educause edu 

 

Become a Member- Everyone at your organization is an EDUCAUSE member when
you join | Access discounts, resources, and valuable peer networks |
<https://www.educause.edu/about/discover-membership> Discover membership

Attachment: GDPR-Data-Protection-Impact-Assessment-Tool_res_eng_0917.xlsx
Description:

Current thread:

Re: GDPR Question, (continued)
- - - Re: GDPR Question Brad Judy (Jan 08)
    - Re: GDPR Question John Denune (Jan 08)
    - Re: GDPR Question Brad Judy (Jan 08)
    - Re: GDPR Question Jennifer Svensson (Jan 08)
    - Re: GDPR Question David Sheryn (Jan 08)
    - Re: GDPR Question Adam Maynard (Jan 08)
    - Re: GDPR Question Brad Judy (Jan 08)
    - Re: GDPR Question Ben Marsden (Jan 08)
- Re: GDPR Question Chris Garriss (Jan 08)
  - Re: GDPR Question Joanna Grama (Jan 08)
    - Re: GDPR Question Adam Menos (Jan 09)