Educause Security Discussion mailing list archives
Re: Requests for record/data erasure
From: "Kimmitt, Jonathan" <jonathan-kimmitt () UTULSA EDU>
Date: Mon, 1 Feb 2021 19:30:14 +0000
Thank you Francisco! Yes, we have been cautious with the 'Mine' emails... however, we also want to make sure we are prepared with an answer/policy to a formal request for erasure..... Of course we are watching the new privacy laws pop up around the US and the possible new federal legislation, so that may help structure the process in the future..... -Jonathan From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Francisco Chavez Sent: Monday, February 1, 2021 1:24 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Requests for record/data erasure Hi Jonathan, We have also been receiving an elevated amount of requests that look like these from a company called "Mine". However, in every case we have investigated we do not hold any data for the individual that is shown on the request. I don't know if you are experiencing the same thing... Also, when you use the link to see more information it only takes you to a sign up page. Sincerely, Francisco Chavez -- Francisco Chavez, MBA | Interim CTO Saint Mary's College of California ............................................................................................................................... IT Services<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.stmarys-ca.edu%2Fit-services&data=04%7C01%7Cjonathan-kimmitt%40UTULSA.EDU%7Cdcfc59a3eba34948f3ef08d8c6e6f6f1%7Cd4ff013c62b74167924f5bd93e8202d3%7C0%7C0%7C637478042580249703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=M6V9fzYYMOkAh32z9aId%2BXgyoeDFb2w5exXZJ01IPEs%3D&reserved=0> phone: (925) 631-8236 email: fac3 () stmarys-ca edu<mailto:fac3 () stmarys-ca edu> [cid:image001.jpg@01D6F89E.5DE24740] On Feb 1, 2021, at 11:15 AM, Kimmitt, Jonathan <jonathan-kimmitt () UTULSA EDU<mailto:jonathan-kimmitt () UTULSA EDU>> wrote: Hi all, We are receiving an increasing amount of 'data erasure requests', and I am wondering how other .edu's are handling.... One of the emails that we are specifically receiving is: ____________________________________________ Hello Utulsa (utulsa.edu<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Futulsa.edu%2F&data=04%7C01%7Cjonathan-kimmitt%40UTULSA.EDU%7Cdcfc59a3eba34948f3ef08d8c6e6f6f1%7Cd4ff013c62b74167924f5bd93e8202d3%7C0%7C0%7C637478042580249703%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=UAXpAfgk1Wo3S%2ByL%2BxHGwAprMutqraAeEeHb%2F%2BzOg1o%3D&reserved=0>), My name is *&*&*&*&*&* and I hereby request to erase all personal data that you hold about me. Please send me an email confirmation of the complete and permanent erasure of the personal data once you have completed the erasure process. My personal details are: * Name: *&*&*&*&*&*&* * Email: *&*&*&*&*&*&*& As evidence of my interaction with your company, I received an email on 2018 March 19 that indicates that you are holding personal data about me. Companies: For additional context to complete this DSR, *&*&*&*&*&*&*&*& Thanks, *&*&*&*&*&*&*& ____________________________________________ Ignoring the validity of the email, I'm curious to if anyone has any specific policies that deal with requests for erasure from a data subject, who are not otherwise under GDPR scope..... Thanks all! -Jonathan ~ Jonathan Kimmitt CISSP, FIP, CDPSE, CIPP/E, CIPM, CIPT, GLEG, GPEN, GSNA, PCIP, CEH Chief Information Security Officer Information Technology The University of Tulsa 918.631.2743 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjonathan-kimmitt%40UTULSA.EDU%7Cdcfc59a3eba34948f3ef08d8c6e6f6f1%7Cd4ff013c62b74167924f5bd93e8202d3%7C0%7C0%7C637478042580259691%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=tlJDjYDDvrDbAtf6nbLTjeHpDsj0HQGNKuhNalznA8Y%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjonathan-kimmitt%40UTULSA.EDU%7Cdcfc59a3eba34948f3ef08d8c6e6f6f1%7Cd4ff013c62b74167924f5bd93e8202d3%7C0%7C0%7C637478042580259691%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=tlJDjYDDvrDbAtf6nbLTjeHpDsj0HQGNKuhNalznA8Y%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Requests for record/data erasure Kimmitt, Jonathan (Feb 01)
- Re: Requests for record/data erasure Francisco Chavez (Feb 01)
- Re: Requests for record/data erasure Kimmitt, Jonathan (Feb 01)
- Re: Requests for record/data erasure Laura Raderman (Feb 01)
- Re: Requests for record/data erasure Jerry Tylutki (Feb 01)
- Re: Requests for record/data erasure Francisco Chavez (Feb 01)