Recent Updates to UCF Policies Covering Data Security and Protection
All UCF policies are reviewed annually by policy owners and every five years by the University Policies and Procedures Committee. From these reviews come updates, as needed, to ensure our policies incorporate current, meaningful language that protects our university community. This article focuses on the following revised and new policy highlights:
UCF Policy 4-002 Use of Information Technologies and Resources
UCF Policy 4-008 Data Classification and Protection
UCF Policy 4-015 Information Security Incident Response – New!
Data Privacy and Security
Information and data are the life blood of an institution. If data is lost, misused, or disclosed improperly, either on purpose or accidently, the consequences can be highly impactful. To achieve the necessary level of data privacy and security, everyone must do their part by treating university-related data and information with care. Read this article to help learn how you can do your part.
What to do if Someone Requests a Copy and/or the Removal of Their Personal Data
You or someone you work with may receive a phone call or written request from a current or former student, staff or faculty member, or other individual requesting a copy of their personal information. They may also request that UCF remove their personal data. It’s imperative that such requests are taken very seriously as there are laws and regulations requiring UCF to act and respond in a timely manner. Click “Read More” below to learn the steps to take if you’ve received these types of requests.
Case Corner
Each edition of the IntegrityStar features an actual investigation conducted by the investigative offices here at UCF (note, however, all names have be changed in an effort to provide confidentiality of the parties involved). In this edition, we turn our focus to a case that was investigated by University Compliance, Ethics, and Risk in collaboration with the UCF Registrar’s Office.
A message fromRhonda L. Bishop
We’ve all received the emails and some of us may have, in a brief lapse of judgment, fallen for the ruse and clicked on the link… It’s the email that claims we’ve won a prize, or we received a free trial to a much-coveted membership and all we have to do is click on the link to redeem. Or, it’s the email that appears to be from our bank suggesting that we have to update our account information. The ruse may change but the goal is the same – to be convincing enough to trick us into clicking on a link or opening an attachment to gain access to our data. For this reason, we have devoted this IntegrityStar edition to data security and privacy.
Audit Unlocked
by Tina Maier, CPA, CFE, CIG, Associate Director University Audit
This issue (Part 3) is the last in the “Questions to ask yourself” series. To help prevent fraud on your watch, please take a few moments read this month’s Audit Unlocked.
Recognition
In this Recognition section, we’d like to acknowledge one of our employees within the UCF Information Security Office for his contributions, positivity, and leadership around security awareness.
New Policies
Read about the new or updated UCF policies and regulations that were recently approved.
FAQs
In each IntegrityStar edition, we highlight some frequently asked questions. This edition’s focus is on privacy and security.