SENSITIVE DATA STANDARDS

AGENDA
- VT Risk Classification Standard – What is high risk data?
- Standard for High Risk Digital Data Protection
- Minimum Security Standard

AGENDA GIVE AWAY CANDY!

Need a volunteer!

Virginia Tech Data Classifications
What is high risk data?
- Protection of the data is required by law/regulation, and Virginia Tech is required to self-report to the government and/or provide notice to the individual if the data is inappropriately accessed; or
- The loss of confidentiality, integrity, or availability of the data or system could have a significant adverse impact on our mission, safety, finances, or reputation.

Standard for High Risk Digital Data Protection
What high risk data elements are covered in this standard?
- Social Security Numbers
- Driver’s License/State ID Numbers
- Credit/Debit Account Numbers
- Financial Account Numbers
- Passport Numbers
- Student data (nondirectory or items marked confidential)
- Export Controlled Research Data

Standard for High Risk Digital Data Protection
What element is not covered in this standard but should be?
- Protected Health Information

Standard for High Risk Digital Data Protection
Data Element/Type | University Policies and Standards | Laws and Regulations | VT Required Protections

Show Standard for High Risk Digital Data Protection

Minimum Security Standards
Additional requirements for clients, servers, and applications, based on the risk of the data they store.

WHERE ARE THESE STANDARDS LOCATED?
it.vt.edu | Resources | Policies and Standards

QUESTIONS?