Information Privacy: Public Policy and Institutional Policies Wendy Wigen Policy Analyst, EDUCAUSE Copyright Wendy Wigen, 2004. This work is the intellectual.

Slides:

Advertisements

Similar presentations

Fair Credit Reporting Act You must be told if information in your file has been used against you You can find out what is in your file You can dispute.

Advertisements

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.

Security, Privacy, Copyright, and Other Institutional Policy Implications of Online Learning Rodney J. Petersen, J.D. Policy Analyst & Security Task Force.

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.

Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.

Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.

Making the Case for Security: An Application of the NIST Security Assessment Framework to GW January 17, 2003 David Swartz Chief Information Officer Guy.

1 Electronic Transactions and Code Sets Enforcement CMS Office of HIPAA Standards.

An Online, Interactive Approach to Copyright and Intellectual Property Law Education EDUCAUSE Midwest, March 2007, Chicago Christine Greenhow, Ed.D. J.D.

Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE.

Advancing Security Programs through Partnerships Cathy HubbsShirley Payne IT Security Coordinator Director for Security Coordination & Policy George Mason.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Pam Downs Ajay Gupta The Pennsylvania Prince George’s State University Community College "Copyright Penn State University This work is the intellectual.

Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.

1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, This work is the intellectual property.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

Unraveling Web Development PRESENTERS: Bob Nakles and Paras Kaul, George Mason University.

Risk Assessment 101 Kelley Bradder VP and CIO Simpson College.

© 2003, EDUCAUSE Information Privacy: Public Policy and Institutional Policies Rodney J. Petersen Policy Analyst, EDUCAUSE EDUCAUSE/Internet2 Security.

Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.

Security Awareness: Taking the Medicine and Liking It Shirley C. Payne Director for Security Coordination University of Virginia EDUCAUSE Conference October.

1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.

CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,

1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,

EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.

Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.

Protecting the Security of Your Information Mary Beth Richards Federal Trade Commission May 7, 2008.

Herding CATS: the Community of Academic Technology Staff Lou Zweier, Director CSU Center for Distributed Learning The California State University NLII,

Sharing Information and Controlling Content: Continuing Challenges for Higher Education Susanna Frederick Fischer Assistant Professor Columbus School of.

Ten Thing IT Staff Need to Know About Education Records Privacy Ten Things IT Staff Need to Know About Education Records Privacy Jeff von Munkwitz-Smith.

Moving Your Paperwork Online University of California, Irvine presents PayQuest Copyright UC,Irvine This work is the.

Issues Associated with ePortfolios in Small Colleges EDUCAUSE Mid-Atlantic Regional Conference 2006 Ed Barboni, Senior Advisor, Council of Independent.

HIPAA PRIVACY AND SECURITY AWARENESS.

Enterprise data (decentralized control, data security and privacy) Incident Response: State and Federal Law Rodney Petersen Security Task Force Coordinator.

Center for Planning and Information Technology T HE C ATHOLIC U NIVERSITY of A MERICA ERP Systems: Ongoing Support Challenges and Opportunities Copyright.

NERCOMP 2002 Ten Things IT Staff Need to Know About Education Records Privacy Jeff von Munkwitz-Smith University Registrar University of Connecticut.

Computer and Internet privacy (2) University of Palestine University of Palestine Eng. Wisam Zaqoot Eng. Wisam Zaqoot Feb 2011 Feb 2011 ITSS 4201 Internet.

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

New Identity Theft Rules Rodney J. Petersen, J.D. Government Relations Officer Security Task Force Coordinator EDUCAUSE.

Policy and IT Security Awareness Amy Ginther Policy Develoment Coordinator University of Maryland Information Technology Security Workshop April 2, 2004.

Safeguarding Research Data Policy and Implementation Challenges Miguel Soldi February 24, 2006 THE UNIVERSITY OF TEXAS SYSTEM.

Protecting Privacy “Most people have figured out by now you can’t do anything on the Web without leaving a record” - Holman W. Jenkins, Jr

November 7, 2005EDUCAUSE Live1 An Eye to the Future with a Brief Look at the Past Jack McCredie UC Berkeley November 7, 2005 Copyright John W. McCredie.

John Morris 1 Hot Topic - IP Services Wiretapping the Internet EDUCAUSE Policy Conference May 20, 2004 John Morris, Center for Democracy and Technology.

A Cat-Herding Tale Forging a Single Course Management System for a Decentralized Institution Copyright Abdul Shibli, 2004.This work is the intellectual.

1 Effective Incident Response Presented by Greg Hedrick, Manager of Security Services Copyright Purdue University This work is the intellectual property.

APEC ANTI-SPAM INITIATIVES Tom Dale Department of Communications, IT & the Arts Australia.

IT Security Challenges In Higher Education Steve Schuster Cornell University Copyright Steve Schuster This work is the intellectual property of.

Legal Issues in the “E-Learning Business” Jonathan Alger University of Michigan October 29, 2001 Copyright Jonathan Alger This work is the intellectual.

1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.

Bringing it All Together: Charting Your Roadmap CAMP: Charting Your Authentication Roadmap February 8, 2007 Paul Caskey Copyright Paul Caskey This.

NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.

Trusted Electronic Communications for Federal Student Aid Mark Luker Vice President EDUCAUSE Copyright Mark Luker, This work is the intellectual.

Copyright, Intellectual Property, and Privacy 1 Lesson Plan: BMM A9-4.

Chief Information Officer Effectiveness in Higher Education Wayne Brown, Ph.D. Copyright Wayne Brown This work is the intellectual property of the.

Copyright Michael White and Sylvia Maxwell, This work is the intellectual property of the author. Permission is granted for this material to be shared.

Resources to CAMP: Charting Your Authentication Roadmap.

Julian Hooker Assistant Managing Director Educause Southwest

Educause/Internet 2 Computer and Network Security Task Force

Networking 2002 USA-Patriot Act Tracy Mitrano Cornell University

Identity and Access Management:

FOIA, Privacy & Records Management Conference 2009

Institutional Privacy Challenges

Ed Barboni, Senior Advisor, Council of Independent Colleges

Project for OnLine Instructional Support (POLIS)

myIS.neu.edu – presentation screen shots accompany:

Identity Theft Prevention Program Training

EDUCAUSE Networking 2002 Washington, D.C. April 17, 2002

Presentation transcript:

Information Privacy: Public Policy and Institutional Policies Wendy Wigen Policy Analyst, EDUCAUSE Copyright Wendy Wigen, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

EDUCAUSE Policy Program  Policy Website Issue Briefs Legislative Tracking Chart Comparison of Legislation Hot Topics in Washington  Policy Analysts  Policy Conference: May 19-20

Information Privacy  Technology and privacy  Security and privacy  Main tenants of privacy policy Awareness of collection Awareness of what is collected Awareness of how it is to be used Ability to correct Assurance of reasonable security

Current Privacy Issues  Privacy Policies  Identity Theft  Spam  Spyware  Patriot Act  CALEA and the Internet

Privacy Policies – Public Policy  Legislation & Regulations FERPA, HIPAA, Gramm-Leach Bliley State level (Maryland Data Security & Privacy Policies)  Trends Privacy notices that are more readable and useful

Privacy Policies - Implications  Complicated in large, decentralized academic institutions  Applies to “paper” as well as “electronic” practices  Diligence: Training, Oversight, and Advocacy  Balancing “compliance” with “ethical” standards

Identity Theft – Public Policy  Fair and Accurate Credit Transactions Act – Signed December 4, 2003 Will serve as model for privacy/ID theft Incorporates most Identity Theft proposals  Prevention: SSN’s Credit Card truncation and red alerts i.e. address change/new card  Victim Assistance: rights and education  Enforcement: coordination and improved technology

Identity Theft - Implications  Eliminate use of Social Security numbers as primary identifiers  Limit access to records and information on reports  Identity Theft Awareness & Resources Create a webpage: U of MiamiU of Miami Link to the FTCFTC “privacy advocate” job description

SPAM – Public Policy  CAN-SPAM Act: December 15, 2003  Work in progress: main goals Establish a National Law/ work toward an International agreement Target egregious spammers/ enable law enforcement Protect legitimate e-marketing/ establish standards Wait: well-publicized cases with heavy penalties

SPAM - Implications  Educate users  Refer user complaints to LE/FTC  Acceptable Use Policy  SPAM Filtering Software

Spyware  Problem: It will discourage Internet use  SPY BLOCK Act (S. 2145)  FTC Workshop How do you distinguish good software from bad? Are new laws needed? Technology fix?

USA PATRIOT Act – Public Policy  Proposed legislation: SAFE Act ( Security and Freedom Ensured ) and Protecting the Rights of Individuals Act (S 1709/HR3352)  Strong counterbalance to DoJ/ signals awareness in Congress

CALEA: Wiretapping the Internet  Communications Assistance to Law Enforcement Act of 1994 “CALEA”  Timing: A brief history of wiretapping…  Implications for Campuses Cost to make systems compliant Cost to privacy Cost to innovation

What is the outlook?  PATRIOT Act has strong Presidential support; strong Congressional opposition  CALEA decision will go to Congress  Telecommunications Laws will be brought up to date  Security and Privacy: The political dance will continue

For more information: EDUCAUSE D.C. Office (202)