Educause Security Discussion mailing list archives
Re: Requests for record/data erasure
From: "Kimmitt, Jonathan" <jonathan-kimmitt () UTULSA EDU>
Date: Mon, 1 Feb 2021 19:30:14 +0000
Thank you Francisco!
Yes, we have been cautious with the 'Mine' emails... however, we also want to make sure we are prepared with an
answer/policy to a formal request for erasure.....
Of course we are watching the new privacy laws pop up around the US and the possible new federal legislation, so that
may help structure the process in the future.....
-Jonathan
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Francisco Chavez
Sent: Monday, February 1, 2021 1:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Requests for record/data erasure
Hi Jonathan,
We have also been receiving an elevated amount of requests that look like these from a company called
"Mine". However, in every case we have investigated we do not hold any data for the individual that is shown on the
request.
I don't know if you are experiencing the same thing... Also, when you use the link to see more information it only
takes you to a sign up page.
Sincerely,
Francisco Chavez
--
Francisco Chavez, MBA | Interim CTO
Saint Mary's College of California
...............................................................................................................................
IT
Services<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.stmarys-ca.edu%2Fit-services&data=04%7C01%7Cjonathan-kimmitt%40UTULSA.EDU%7Cdcfc59a3eba34948f3ef08d8c6e6f6f1%7Cd4ff013c62b74167924f5bd93e8202d3%7C0%7C0%7C637478042580249703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=M6V9fzYYMOkAh32z9aId%2BXgyoeDFb2w5exXZJ01IPEs%3D&reserved=0>
phone: (925) 631-8236
email: fac3 () stmarys-ca edu<mailto:fac3 () stmarys-ca edu>
[cid:image001.jpg@01D6F89E.5DE24740]
On Feb 1, 2021, at 11:15 AM, Kimmitt, Jonathan <jonathan-kimmitt () UTULSA EDU<mailto:jonathan-kimmitt () UTULSA EDU>>
wrote:
Hi all,
We are receiving an increasing amount of 'data erasure requests', and I am wondering how other .edu's are handling....
One of the emails that we are specifically receiving is:
____________________________________________
Hello Utulsa
(utulsa.edu<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Futulsa.edu%2F&data=04%7C01%7Cjonathan-kimmitt%40UTULSA.EDU%7Cdcfc59a3eba34948f3ef08d8c6e6f6f1%7Cd4ff013c62b74167924f5bd93e8202d3%7C0%7C0%7C637478042580249703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=UAXpAfgk1Wo3S%2ByL%2BxHGwAprMutqraAeEeHb%2F%2BzOg1o%3D&reserved=0>),
My name is *&*&*&*&*&* and I hereby request to erase all personal data that you hold about me.
Please send me an email confirmation of the complete and permanent erasure of the personal data once you have completed
the erasure process.
My personal details are:
* Name: *&*&*&*&*&*&*
* Email: *&*&*&*&*&*&*&
As evidence of my interaction with your company, I received an email on 2018 March 19 that indicates that you are
holding personal data about me.
Companies: For additional context to complete this DSR, *&*&*&*&*&*&*&*&
Thanks,
*&*&*&*&*&*&*&
____________________________________________
Ignoring the validity of the email, I'm curious to if anyone has any specific policies that deal with requests for
erasure from a data subject, who are not otherwise under GDPR scope.....
Thanks all!
-Jonathan
~
Jonathan Kimmitt
CISSP, FIP, CDPSE, CIPP/E, CIPM,
CIPT, GLEG, GPEN, GSNA, PCIP, CEH
Chief Information Security Officer
Information Technology
The University of Tulsa
918.631.2743
**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the
person who sent the message, copy and paste their email address and forward the email reply. Additional participation
and subscription information can be found at
https://www.educause.edu/community<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjonathan-kimmitt%40UTULSA.EDU%7Cdcfc59a3eba34948f3ef08d8c6e6f6f1%7Cd4ff013c62b74167924f5bd93e8202d3%7C0%7C0%7C637478042580259691%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=tlJDjYDDvrDbAtf6nbLTjeHpDsj0HQGNKuhNalznA8Y%3D&reserved=0>
**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the
person who sent the message, copy and paste their email address and forward the email reply. Additional participation
and subscription information can be found at
https://www.educause.edu/community<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjonathan-kimmitt%40UTULSA.EDU%7Cdcfc59a3eba34948f3ef08d8c6e6f6f1%7Cd4ff013c62b74167924f5bd93e8202d3%7C0%7C0%7C637478042580259691%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=tlJDjYDDvrDbAtf6nbLTjeHpDsj0HQGNKuhNalznA8Y%3D&reserved=0>
**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the
person who sent the message, copy and paste their email address and forward the email reply. Additional participation
and subscription information can be found at https://www.educause.edu/community
Current thread:
- Requests for record/data erasure Kimmitt, Jonathan (Feb 01)
- Re: Requests for record/data erasure Francisco Chavez (Feb 01)
- Re: Requests for record/data erasure Kimmitt, Jonathan (Feb 01)
- Re: Requests for record/data erasure Laura Raderman (Feb 01)
- Re: Requests for record/data erasure Jerry Tylutki (Feb 01)
- Re: Requests for record/data erasure Francisco Chavez (Feb 01)