University rules stipulate that all data should be classified as being public, sensitive, confidential or classified. Only when all data is classified, can appropriate protections be identified and implemented. Confidential information comes in several forms.
These forms include the following:
- Health Insurance Portability and Accountability Act (HIPAA)
- Family Educational Rights and Privacy Act (FERPA)
- Gramm Leach Bliley Act (GLBA)
- Classified National Security Information (i.e. “classified”)
Each of these data types must be protected to ensure the content is not obtained by unauthorized individuals.
Details of each type of data can be found by clicking on each of the following:
- Classified- Pursuant to Executive Order 12356
- Controlled Unclassified Information
To ensure adequate protections are in place, FERPA and HIPPA data should only be store on approved University systems (such as server platforms) and as detailed on the University SAP pages for Encryption must never be transmitted in clear text over the network or kept in clear text (unencrypted) on any workstation or portable system/media (such as a laptop or removable thumb drive.)
Where retention of confidential data is required, following approval of the University Chief Information Security Officer and the AgriLife Information Security Officer, encryption practices must be implemented to ensure the data is protected in case of theft of the computer hardware or media.
Financial Conflicts of Interests & Foreign Components
- Reminders of NIH Policies on Other Support and on Policies related to Financial Conflicts of Interest and Foreign Components
- Information About the Department Of Justice’s China Initiative and a Compilation of China-Related Prosecutions
If you have questions regarding storage or retention of this data please contact the AgriLife Security Officer at email@example.com