Institutional Privacy Challenges

Slides:



Advertisements
Similar presentations
Data Privacy and Security in the Cloud Presented by Robert J. Scott Managing Partner Scott & Scott, LLP
Advertisements

IT Security Policy Framework
Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
Big Data - Ethical Data Use Kimberlin Cranford. Ethical Use in the Era of Big Data  Landscape has Changed  Attitudes about Big Data  PII, Anonymous,
© Chery F. Kendrick & Kendrick Technical Services.
Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.
Regulatory Issues in Campus Computing Privacy and Security in a Digital World Presented by David Gleason, Esq. University Counsel University of Maryland,
Amber LaFountain Project Archivist - Private Practices, Public Health Center for the History of Medicine Francis A. Countway Library of Medicine Harvard.
Information Privacy and Compliance Training For All Brigham Young University– Idaho Employees.
PII / IDENTITY THEFT Is Your University an Open Market for ID Thieves? TACUA 2011 Carol Rapps CIA, CISA, CCSA, GLIT
Planning for the Elimination of Social Security Numbers as Primary Identifiers Mike Corn, University of Illinois Jenny Mehmedovic, University of Kansas.
Security, Privacy, and the Protection of Personally Identifiable Information Rodney J. Petersen Policy Analyst, EDUCAUSE EDUCAUSE/Internet2 Security.
Information & Communication Technologies NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.
© Chery F. Kendrick & Kendrick Technical Services.
Information Security Policies Larry Conrad September 29, 2009.
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Data Security At Cornell Steve Schuster. Questions I’d like to Answer ► Why do we care about data security? ► What are our biggest challenges at Cornell?
New Faculty Orientation to Privacy and Security at UF Susan Blair, Chief Privacy Officer Kathy Bergsma, Information Security.
1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, This work is the intellectual property.
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
Securing Information in the Higher Education Office.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
1 U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Diana S. Hare Associate General Counsel Drexel University.
Electronic Records Management: What Management Needs to Know May 2009.
1 General Awareness Training Security Awareness Module 1 Overview and Requirements.
Identity Protection (Red Flag/PCI Compliance/SSN Remediation) SACUBO Fall Workshop Savannah, GA November 3, 2009.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Privacy and Security Laws for Health Care Organizations Presented by Robert J. Scott Scott & Scott, LLP
Enterprise Risk Management & IT Compliance March 30, 2010 Presented by: Ken Rowe, Director Enterprise Systems Assurance & Chief Security Officer University.
R ed F lag R ule Training for the Veterinary Industry © Chery F. Kendrick & Kendrick Technical Services.
Federated or Not: Secure Identity Management Janemarie Duh Identity Management Systems Architect Chair, Security Working Group ITS, Lafayette College.
Privacy in computing Material/text on the slides from Chapter 10 Textbook: Pfleeger.
New Identity Theft Rules Rodney J. Petersen, J.D. Government Relations Officer Security Task Force Coordinator EDUCAUSE.
Information Privacy: Public Policy and Institutional Policies Wendy Wigen Policy Analyst, EDUCAUSE Copyright Wendy Wigen, This work is the intellectual.
IT Security Policy Framework ● Policies ● Standards ● Procedures ● Guidelines.
Data Breach: How to Get Your Campus on the Front Page of the Chronicle?
STANFORD UNIVERSITY INFORMATION TECHNOLOGY SERVICES 1 The Technical Services Stuff in IT Services A brief tour of the technical and service offering plethora.
Student Financial Assistance. Session 55-2 Session 55 Internet Privacy Laws.
Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.
Compliance is Pretty Important, I Guess Florida Gulf Coast ARMA Meeting.
Chapter 4: Laws, Regulations, and Compliance
Sorting out IT Policy at Poly U. Ron Heasley Will Krause Tim Logan Mary Schoeler.
Safeguarding Sensitive Information. Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This.
Legal, Regulations, Investigations, and Compliance Chapter 9 Part 2 Pages 1006 to 1022.
Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.
PCard Sensitive and Protected Information Procedures
Information Security Program
Office 365 Security Assessment Workshop
Regulatory Compliance
Outsource Contracting Law, Policy, & Process
IS4680 Security Auditing for Compliance
CMGT 582 Competitive Success-- snaptutorial.com
CMGT 582 STUDY Lessons in Excellence--cmgt582study.com.
CMGT 582 Education for Service-- snaptutorial.com
CMGT 582 STUDY Education for Service--cmgt582study.com.
CMGT 582 Teaching Effectively-- snaptutorial.com
UNM Information Security Program (ISMS)
Matthew Christian Dave Maddox Tim Toennies
Protecting Personal Information Guidance for Business.
Procurement Reviews Marty Desautels, Associate Controller
Higher Education Privacy Update
Securing and Protecting Citizens' Data
Compliance….GlobalSearch……WHAT?!?!
Governance, Risk, and Compliance Systems in Higher Education
Lesson 1  7 Basic Components of an Effective Compliance Plan
Objectives Describe the purposes of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 Explore how the HITECH Act.
Presentation transcript:

Institutional Privacy Challenges Jeff Gassaway, Information Security and Privacy Officer Sarah Morrow, HIPAA Privacy Officer, HSC Chief Privacy Officer

Agenda Privacy & Security Alphabet Soup UNM Opportunities The Horizon

Privacy & Security Mutually Supporting Principles with Differing Missions Privacy is the ability to exercise control over the collection and use of your personal private information including, to some degree, your personal protected health information Personally Identifiable/ Sensitive and Protected Information (PII/SPI) Security is the physical, technical and administrative methods we implement to keep that information private and protected

Alphabet Soup of Regulations FERPA GLBA HIPAA/ HITECH/Omnibus FTC Red Flags FCRA Privacy Act of 1974 Et al. Unfair and Deceptive Practices CAN-SPAM TSR ECPA COPPA PCI Et. al.

Alphabet Soup of Policies You May know of these … UNM 2500 Acceptable Computer Use Policy UNM 2520 Computer Security Controls and Access to SPI But, did you know … Regents Policy 3.7 Health Information Compliance Regents Policy 5.14 Human Subjects in Research UNM 2030 Social Security Numbers UNM 2040 Identity Theft UNM 2300 Inspection of Public Records UNM 2580 Data Governance UNM 7215 Credit Card Compliance

UNM Current Practices for PCI HIPAA/ HITECH SSN FERPA

The Land of … Opportunities! Could, Should, Will, Shall, Must, Strives UNM-wide Privacy Policy Program Statement(s)

The Horizon OCR HIPAA Audits Privacy Impact Assessments

Preguntas? privacy@unm.edu smorrow2@unm.edu

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.