ethics and compliance program l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Ethics and Compliance Program PowerPoint Presentation
Download Presentation
Ethics and Compliance Program

Loading in 2 Seconds...

play fullscreen
1 / 18

Ethics and Compliance Program - PowerPoint PPT Presentation


  • 687 Views
  • Uploaded on

Ethics and Compliance Program Information Security Understanding… Who’s responsible? What’s information security? Why do we need information security? What’s confidential and what’s not? What do I need to protect? How do I protect information? What are the important policies and laws?

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Ethics and Compliance Program' - Faraday


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
ethics and compliance program

Ethics and Compliance Program

Information Security

information security
Understanding…

Who’s responsible?

What’s information security?

Why do we need information security?

What’s confidential and what’s not?

What do I need to protect?

How do I protect information?

What are the important policies and laws?

Where do I find out more?

Information Security
information security who s responsible
Is it students?

Is it faculty?

Is it staff?

Is it security administrators?

The Answer = All of the above, security is everyone’s responsibility!

Information SecurityWho’s Responsible?
information security what s information security

The protection of data against unauthorized access. This includes:

How we access, process, transmit, and store information

How we protect devices used to access information

How we secure paper records, telephone conversations, and other types of digital media

Information SecurityWhat’s Information Security?
information security why do we need information security

Confidential information is entrusted to us

Laws and regulations govern the use of some of this confidential information

We have an ethical obligation to protect this information from unauthorized access

Failure to do so could leave others vulnerable to fraud and other exploits

Information SecurityWhy Do We Need Information Security?
information security what s confidential and what s not
Information SecurityWhat’s Confidential and What’s Not?

IMPORTANT NOTE: If you receive a request for information from any external party, and you aren’t certain that the information can be released, refer them to the Office of the University Attorney for further action.

information security protect yourself a video

The following video is titled “Out in the Open” and was developed by Mark Lancaster, Texas A&M University. It was the second prize winner in the two minute or less category of the EDUCAUSE 2007 Computer Security Awareness Video Contest.

Make sure your sound is turned up and

CLICK ON THE LINK BELOW TO PLAY

“Out in the Open” video

Information SecurityProtect Yourself – A Video
information security how do i protect information
Share confidential information only with other employees who have a need for the information

When in doubt, don't give it out! If you are unsure whether or not to disclose certain information, err on the side of caution and don't release it

Keep confidential phone conversations and dictation from being overheard

Quickly retrieve or secure any document containing protected information that you have printed, scanned, copied, faxed, etc.

Information SecurityHow Do I Protect Information?
information security how do i protect information11

Store documents or physical media containing confidential information in locking file-cabinets or drawers

Delete and write over (i.e., "wipe") data from any electronic media before transferring or disposing of it. Ask your IT support person for assistance

Position computer screens so they're not visible to anyone but the authorized user(s)

Information SecurityHow Do I Protect Information?
information security how do i protect information12

Shred paper documents and/or CDs containing confidential information before disposal,

and secure such items until shredding

Be alert to fraudulent attempts to obtain confidential information and report these to management for referral to appropriate authorities

Log out or lock your workstation when you walk away from your work area

Use strong passwords; don’t share them

At least 8 or more characters long

Mix alpha, numeric, & special characters; upper & lower case

Don’t include dictionary words or proper names

Don’t re-use all or a major portion of a prior password

Information SecurityHow Do I Protect Information?
information security how do i protect information13
Information SecurityHow Do I Protect Information?
  • Use anti-virus software and leave auto-update enabled or update your virus definitions regularly
  • The following video, “Virus Software” is by Andrew Centafonte, Doug Standford, Jill Verillo, & Lindsey Wilson, James Madison University and received Honorable Mention in EDUCAUSE'S 2006 Computer Security Awareness Video Contest.
  • Make sure your sound is turned up and
  • CLICK ON THE LINK BELOW TO PLAY
  • “Virus Software” video
information security what are the important rules and laws
Texas State University Policies

Appropriate Use of Information Resources (UPPS 04.01.07)

http://www.txstate.edu/effective/upps/upps-04-01-07.html

Security of Texas State Information Resources (UPPS 04.01.01)

http://www.txstate.edu/effective/upps/upps-04-01-01.html

Appropriate Release of Information (UPPS 01.04.00)

http://www.txstate.edu/effective/upps/upps-01-04-00.html

Texas State policy requires that information resources be used only in support of University missions

Information SecurityWhat Are the Important Rules and Laws?
information security what are the rules and laws
FERPA – Federal Educational Rights & Privacy Act

is a federal law that protects the privacy of student educational records, and prohibits the University from disclosing information from those records without the written consent of the student

http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html

HIPAA – Health Insurance Portability & Accountability Act

is a federal law that:

Protects the privacy and security of Protected Health Information (PHI) and Electronic Protected Health Information (ePHI)

Gives patients more control over their health records

Sets limits on the accessibility and disclosure of patient health information

http://www.cms.hhs.gov/HIPAAGenInfo/

Information SecurityWhat Are the Rules and Laws?
information security what are the rules and laws16

Gramm-Leach-Bliley Act (GLBA)

includes provisions to protect the security and confidentiality of a consumers' personal financial information held by financial institutions - in any form or medium

Universities/agencies must not disclose any non-public, financial information to anyone except as permitted by law

http://www.ftc.gov/privacy/privacyinitiatives/glbact.html

TPIA – Texas Public Information Act

formerly known as the Open Records Act, specifies that all recorded information owned or accessed by a governmental body is presumed to be public information, with certain exceptions

http://www.oag.state.tx.us/AG_Publications/txts/2004publicinfohb_toc.shtml

Information SecurityWhat Are the Rules and Laws?
information security how do i find out more

Texas State Sites

IT Security - http://www.vpit.txstate.edu/security

Privacy Rights Notice - http://www.tr.txstate.edu/privacy-notice.html

Identity theft - http://webapps.tr.txstate.edu/security/identity.html

FERPA at Texas State - http://www.registrar.txstate.edu/persistent-links/ferpa.html

Contacts

Information Technology Security

512-245-HACK(4225), itsecurity@txstate.edu

Information Technology Assistance Center (Help Desk)

512-245-ITAC(4822) or 512-245-HELP, itac@txstate.edu

Information SecurityHow Do I Find Out More?
slide18
Quit Power Point & go to the Contracts and Agreements Review Questions
  • Restart Contracts & Agreements Module.
  • Quit Power Point & return to the Compliance Module Menu.