https://library.educause.edu/topics/policy-and-law/health-insurance-portability-and-accountability-act-hipaaen{E7175775-6740-4F8B-BB31-2DEED2ECF47A}https://library.educause.edu/resources/2021/10/2021-educause-horizon-action-plan-privacyThis Horizon Action Plan is offered to the privacy and higher education communities as an actionable tool to help guide our thinking about tomorrow and to help inspire us to plan and take action today.Fri, 19 Nov 2021 18:25:49 Z{A572973B-FEFF-4F02-9A4D-C6AA3106D969}https://library.educause.edu/resources/2021/7/higher-education-regulated-research-workshop-series-a-collective-perspectiveAfter an eight month effort concluding in June of 2021, 155 participants from 84 research institutions from across the United States gathered in six facilitated, NSF-sponsored workshop sessions to determine if coming together as a community could improve the support of individual programs to secure regulated data in research involving the Department of Defense or health sciences. Mon, 12 Jul 2021 19:03:31 Z{DA889489-E4BA-4D1B-AF58-406361F6EE95}https://library.educause.edu/resources/2020/11/the-evolving-landscape-of-data-privacy-in-higher-educationThe Evolving Landscape of Data Privacy in Higher Education report explores data privacy management; examines recent privacy legislation and issues that have arisen during the pandemic; and uncovers some of the biggest challenges and most promising paths forward for data privacy.Fri, 13 Nov 2020 20:19:59 Z{44573151-9EE1-4843-ACAB-2F83B3062D18}https://library.educause.edu/resources/2014/4/stanford-data-classification-access-transmittal-and-storageCriteria used to determine which data category is appropriate for a particular information or infrastructure system at Stanford University.Tue, 22 Dec 2015 17:37:03 Z{15017E8E-253D-4026-90A0-47E8FBAC0F81}https://library.educause.edu/resources/2013/12/new-year-new-challenges-preparing-your-campus-for-data-privacy-and-security-issues-in-the-year-aheadAs technology continues to evolve, so do the data privacy and security risks facing colleges and universities.Tue, 22 Dec 2015 17:35:08 Z{7A5793E3-3AFF-41B9-A56C-0A2C61E2B844}https://library.educause.edu/resources/2013/5/toolkit-for-developing-an-identity-and-access-management-iam-programThe IAM Program Outline has been created as a roadmap for institutions to use in developing an IAM program (or to address gaps in their current offerings) including:Tue, 22 Dec 2015 17:35:48 Z{CC042786-D880-4746-8105-008773B18219}https://library.educause.edu/resources/2011/11/protecting-the-security-of-research-dataThe effective protection and management of research data has become a hot topic in U.S. higher education.Tue, 22 Dec 2015 17:29:55 Z{533D687B-D038-4832-9535-2ABDC4B09673}https://library.educause.edu/resources/2010/3/compliance-matrix-poster-for-it-compliance-professionalsThis matrix poster developed by Symantec outlines IT Controls for security and privacy concerns related to regulatory compliance in the workplace.Tue, 22 Dec 2015 17:24:51 Z{B4DFDB3C-24CB-4C17-968E-D0A254F1358D}https://library.educause.edu/resources/2010/1/information-security-and-data-breach-notification-safeguardsThe 2010 report describes information security and data breach notification requirements included in the Privacy Act, the Federal Information Security Management Act (FISMA), Office of Management and Budget (OMB) Guidance, the Veterans Affairs Information Security Act, the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health Act, the Gramm-Leach-Bliley Act (GLBA), the Fede ...Tue, 22 Dec 2015 17:25:19 Z{0676147D-46B4-4D61-8BDD-10DC1AE8F5E1}https://library.educause.edu/resources/2009/11/privacy-and-confidentiality-holding-it-service-providers-accountable This ECAR research bulletin addresses the data privacy issues that must be covered by contractual language when entering into an agreement for externally provided IT services or for external consulting about institutional systems.Tue, 22 Dec 2015 17:21:54 Z{99F1C38C-5667-4502-9A49-2BE38D67C0FA}https://library.educause.edu/resources/2009/9/forward-into-the-cloudWith more students auto-forwarding e-mail to private accounts, even colleges that have not outsourced their e-mail find it difficult to keep correspondence on their own servers.Tue, 22 Dec 2015 17:20:58 Z{F294D64F-21DA-49D4-BF81-630C602B5E1E}https://library.educause.edu/resources/2008/12/joint-guidance-on-the-application-of-the-family-educational-rights-and-privacy-act-ferpa-and-the-health-insurance-portability-and-accountability-act-of-1996-hipaa-to-student-health-recordsThe purpose of this guidance is to explain the relationship between the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule, and to address apparent confusion on the part of school administrators, health care professionals, and others as to how these two laws apply to records maintained on students.Tue, 22 Dec 2015 17:18:04 Z{F61D8440-6081-4D4E-A4EE-72677B97DBF5}https://library.educause.edu/resources/2008/4/regulatory-compliance-training-public-jobs-private-dataThis research bulletin details the procedures and processes undertaken by the University of Minnesota to ensure that all employees, from student workers and custodial staff through senior research faculty and administrators, received training about keeping private data secure tailored to their roles and responsibilities.Tue, 22 Dec 2015 17:18:44 Z{FC6F44FF-EBF7-4A70-9257-C9883636CDE9}https://library.educause.edu/resources/2007/8/report-of-the-virginia-tech-review-panelThis is the report on the Virginia Tech shooting by a review panel appointed by the governor of Virginia.Tue, 22 Dec 2015 17:15:16 Z{7FD6D743-5E52-4922-9199-B36666F46667}https://library.educause.edu/resources/2007/6/fuzzy-understandings-of-ferpa"A federal report on the Virginia Tech shootings considers the misunderstanding of federal and state privacy laws to be a “substantial obstacle” to the information sharing needed to protect students.Tue, 22 Dec 2015 17:13:50 Z{83CB3D80-AC3F-4268-9AEE-9F73DEF56B13}https://library.educause.edu/resources/2007/6/report-to-the-president-on-issues-raised-by-the-virginia-tech-tragedyThe President directed top officials at the Departments of Education, Justice, and Health and Human Services to participate in a federal review of the broad questions raised by the shooting tragedy at Virginia Tech.Tue, 22 Dec 2015 17:15:18 Z{702D65E8-B0AF-48C7-8EFF-A8DCD3C1DD70}https://library.educause.edu/resources/2007/1/privacy-vs-securityTue, 22 Dec 2015 17:15:08 Z{2095A9CD-E1EE-4A33-B8AC-BE9DA7FD0D40}https://library.educause.edu/resources/2007/1/university-campus-safety-final-reportIn light of the recent tragedy at Virginia Polytechnic Institute and State University (Virginia Tech), Florida Governor Charlie Crist signed an executive order April 30, 2007, creating a Gubernatorial Task Force to research University Campus Safety in Florida.Tue, 22 Dec 2015 17:16:33 Z{B7E936E3-1C62-4F27-A0B4-10D39498F489}https://library.educause.edu/resources/2006/1/rit-information-security-policyRochester Institute of Technology's Information Security Policy. Policy includes information on lifecycle protection of RIT information systems, security related to the responsible use of information, standards, HIPAA.Tue, 22 Dec 2015 17:11:13 Z{BAC25133-7D88-403B-A386-0CA8AB5228C8}https://library.educause.edu/resources/2005/2/identity-and-access-management-for-hipaa-technology-modelTue, 22 Dec 2015 17:06:32 Z