Data Stewardship May 13, 2010 Tom Barton R.L. Morgan Ron Kraemer.

Slides:

Advertisements

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Advertisements

ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

Digital Citizenship Corbin Elementary.

Identification and Disposition of Official University Records University of Texas at Arlington Records Management.

Springfield Technical Community College Security Awareness Training.

A dialogue with FMUG: Sensitive Data & Filemaker MIT Policy and Data Classifications ** DRAFT ** Guidelines Feedback and Discussion Tim McGovern 2 June.

Securing NPI Mary Schuster Mike Murphy.  Gramm-Leach-Bliley Act Enacted to control the ways that financial institutions deal with the private information.

Data Storage and Security Best Practices for storing and securing your data The goal of data storage is to ensure that your research data are in a safe.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

VIU Workshop: Creating a Culture of Privacy Awareness June 12, 2013 By Justin Hodkinson OIPC Policy Analyst/Investigator Office of the Information & Privacy.

Deter, Detect, Defend: The FTC’s Program on Identity Theft.

Critical Data Management Indiana University HR Summit April 24, 2014.

Safe Computing Dave Carter, CISSP Michigan State University College of Agriculture and Natural Resources.

Data Ownership Responsibilities & Procedures

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.

Locking the Backdoor: Computer Security and Medical Office Practice Dr. Maury Pinsk, FRCPC University of Alberta Division of Pediatric Nephrology.

Security Controls – What Works

LBSC 708X The Record Nature of Electronic Records College of Information Studies.

Information Security Policies and Standards

Developing a Records & Information Retention & Disposition Program:

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,

NHPRC ELECTRONIC RECORDS RESEARCH FELLOWSHIP SYMPOSIUM Nov. 19, 2004 Rebecca Schulte University of Kansas Project Title: Testing Boundaries—An Exploration.

Risk Assessment 101 Kelley Bradder VP and CIO Simpson College.

Company LOGO Internet Safety A Community Approach.

SECURITY: Personal Health Information Protection Act, 2004 this 5 min. course covers: changing landscape of electronic health records security threats.

New Data Regulation Law 201 CMR TJX Video.

 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.

1Copyright Jordan Lawrence. All rights reserved. Annual In-House Symposium Practical Steps to Minimize Privacy Risks: Understanding The Intersection.

Securing Information in the Higher Education Office.

The Office Procedures and Technology

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Handling information 14 Standard.

Family Financial Management Annie’s Project January 23, 2007 Coweta Oklahoma.

PRIVACY BOOTCAMP YpJU.

7 Handling a Digital Crime Scene Dr. John P. Abraham Professor UTPA.

Move Pictures From Your Mobile Phone to Your PC.  You never know when a photo opportunity is going to arise, which is why having a camera phone can be.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Project Tomorrow: Speak Up! Data to Move Your School Forward Robert Hindman, Principal Taylor Elementary School Arlington Public Schools July 2012.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 7, 2015 DRAFT1.

Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.

PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.

Dangerous Documents. Legal Compliances State and federal laws Contractual obligations Subject to an affirmative legal duty to establish and maintain certain.

Lockdown 2010 The conference will be begin at 7:45am Please check-in at the registration table in the atrium and pick up a conference hat, name tag and.

Cyber Security Awareness Month Using Your Laptop Safely On the Road Off-Campus Safe Computing Part 2.

Cyber Security Awareness Month Protecting Your Laptop’s Data Off-Campus Safe Computing Part 1.

Grove Primary School. What is E-Safety? E-Safety is a term which means not only the internet but other ways in which young people communicate using electronic.

1Copyright Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.

FILE MANAGEMENT Computer Basics 1.3. FILE EXTENSIONS.txt.pdf.jpg.bmp.png.zip.wav.mp3.doc.docx.xls.xlsx.ppt.pptx.accdb.

PRIVACY BOOTCAMP Jack Vale - Social Media Experiement.

OCTOBER IS CYBER SECURITY AWARENESS MONTH. October is Cyber Security Awareness Month  Our Cyber Security Awareness Campaign focuses on topics such as.

Computer Security Sample security policy Dr Alexei Vernitski.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

RECORDS MANAGEMENT Judith Read and Mary Lea Ginn Chapter 12 Electronic Media and Image Records 1 © 2016 Cengage Learning ®. May not be scanned, copied.

UW-Madison Guidelines for Managing the Records of Departing Employees*

DATA SECURITY FOR MEDICAL RESEARCH

UNIT 19 Data Security 2.

CIS 349 Competitive Success/snaptutorial.com

CIS 349 Education for Service/snaptutorial.com

CIS 349 Teaching Effectively-- snaptutorial.com

HIPAA & PHI TRAINING & AWARENESS

Online Safety: Rights and Responsibilities

Information Security in Your Office

School of Medicine Orientation Information Security Training

Presentation transcript:

Data Stewardship May 13, 2010 Tom Barton R.L. Morgan Ron Kraemer

Introduction Data Stewardship Surveys – ECAR study – CSG survey Let’s talk

Individual College, School and Unit Institution Accountability Policy and Law Assessment and Audit Data Governance and Management (Data Stewardship) Communication/ Collaboration Tools ServicesEducation Safeguarding the Information Entrusted to Us Research

Student/Faculty/Staff/Institutional Data 1.Social Security Numbers 2.Driver’s License Numbers 3.Financial Account Information (credit/debit card numbers, bank account information) [student, employee, parent, guardian, alumni, and friends] 4.Health Records 5.DNA profile information 6.Biometric data (fingerprints, voiceprints, retina/iris image) 7.Alumni and donor financial information 8.Behavioral data on the patients treated at college/university hospitals, research subjects, and children cared for in campus day-care centers 9.Academic Records/Student Data 10.Employment Records/Guest Records 11.Background check, reference, debt collection, and litigation data 12.Date of birth 13.Security video records 14.Photo ID records 15.Security scan information 16. /Voice Mail Records 17.Location/access data from key cards, wireless Internet connections, etc. 18.Library and electronic reserve records 19.Purchase history information 20.Vehicle data 21.Intellectual property related to teaching and research Where is this data? 1.Servers, desktop systems, fixed storage devices (disk and tape), etc. 2.Mobile devices (e.g., laptops, smartphones, removable hard drives, iPods, flash drives, etc.) 3.Other devices connected to the network (e.g., microscopes, lab equipment, video conferencing systems, smartboards, etc.) 4.Other media (CDs, DVDs, microfiche, digital tape, paper, etc.) 5.Devices outside the university (e.g., Facebook, Google, our homes, on associate’s devices, etc.) Some of the Information Entrusted to the University University devices might also be used to store individual personal data (tax forms, personal account information [Bank information, Amazon.com, etc.], passwords, etc.). If so, these data should be deleted.

Institutional Data Management in Higher Education (ECAR Study) – Dec 2009 Restricted/sensitive data is secure from unauthorized access (3.87) Employees understand their responsibilities in the use of data (3.14) We get maximum academic value from institutional data (2.72) We get maximum business value from institutional data (2.67) Scale: 1=strongly disagree/5=strongly agree

Protect Serve

"You've got to ask yourself one question: 'Do I feel lucky?' Well, do ya, punk?" Harry Callahan, 1971

Do you approach data stewardship more as protection or as service?

How have your stewardship programs changed over time?

What are your data stewardship objectives?

Objectives in survey Clarify roles & responsibilities Make data policies & standards Ensure consistency & accuracy Govern data access & movement Document, guide & educate for proper use Protect sensitive data, reduce exposure Resolve issues & disputes

Outcomes Improvement in data consistency, metadata, etc Data access, classification, retention policies & procedures Requirements & policies for Identity Management

Collateral Outcomes Less replication Inception of records management program New/closer working relationships Increased awareness of data security Corrected misuse of title Others?