Information Technology

Computers and information technology are now an integral part of college and university life. The increased convenience and power of this technology also brings with it a wide range of compliance concerns, from social media and free speech considerations, to data privacy, identity theft, and copyright issues.

Lock = Available only to members of the contributing organization.

Statutes

Regulations

Resource Pages

EDUCAUSE IT Governance, Risk, and Compliance Program
EDUCAUSE

Preparing IT for the Cloud
EDUCAUSE

Information Security Aspects of Business Continuity Management
EDUCAUSE

EDUCAUSE IT Governace, Risk, and Compliance Program
EDUCAUSE

Cyber Liability Insurance FAQs
EDUCAUSE

EDUCAUSE Compliance Library
EDUCAUSE

IT Governance, Risk, and Compliance in Higher Education, an ECAR Research Hub
EDUCAUSE

NACUA Social Media Resource Page Lock
NACUA

NACUA Cybersecurity Resource Page Lock
NACUA

Federal Information Security Management Act (FISMA)

Uniform Electronic Transactions Act 1999 (UETA)

NACUA MOOCs Resource Page Lock
NACUA

EDUCAUSE Resource Page on Incident Handling and Response
EDUCAUSE

EDUCAUSE Resource Page on Information Security Governance
EDUCAUSE

EDUCAUSE Resource Page on Electronic Records Management
EDUCAUSE

EDUCAUSE Resource Page on Business Continuity Planning
EDUCAUSE

EDUCAUSE Resource Page on Emergency Notification
EDUCAUSE

EDUCAUSE Resource Page on Cloud Computing
EDUCAUSE

EDUCAUSE Resource Page on Data Retention
EDUCAUSE

EDUCAUSE Resource Page on Social Media Policies
EDUCAUSE

EDUCAUSE Resource Page on E-Discovery
EDUCAUSE

EDUCAUSE Resource Page on Communications Assistance for Law Enforcement Act (CALEA)
EDUCAUSE

Electronic Records Management Toolkit
EDUCAUSE

Business Continuity Planning Toolkit
EDUCAUSE

Data Incident Notification Toolkit
EDUCAUSE

Information Security Guide
EDUCAUSE

EDUCAUSE Resource Page on the Payment Card Industry Data Security Standard (PCI DSS)
EDUCAUSE

Risk Management Chapter, Information Security Guide
EDUCAUSE

Publications

Navigating Privacy and Data Security in an International Environment Lock
NACUA

College and University Data Breaches: Regulating Higher Education Cybersecurity Under State and Federal Law Lock
Katie Beaudin, NACUA

Fair Labor Standards Act Fact Sheet
National Association for College Admission Counseling

What Leaders Need to Know About Managing Data Risk in Student Success Systems, EDUCAUSE Executive Briefing (2014)
EDUCAUSE

Managing Data Risk in Student Success Systems: EDUCAUSE IPAS Summit Report (2014)
EDUCAUSE

The Chief Privacy Officer in Higher Education (2015)
EDUCAUSE

Understanding IT GRC in Higher Education: IT Compliance (2015)
EDUCAUSE

Understanding IT GRC in Higher Education: IT Risk (2015)
EDUCAUSE

Understanding IT GRC in Higher Education: IT Governance (2015)
EDUCAUSE

Cybersecurity in Higher Ed: Searching for a Better Model (2015)
EDUCAUSE

Cloud Strategy for Higher Education: Building a Common Solution (2015)
EDUCAUSE

The Compelling Case for Data Governance (2015)
EDUCAUSE

Key Questions for Information Security: Institutional Implications for Safeguarding Data (2014)
EDUCAUSE

Foundations of Information Security: Institutional Implications for Safeguarding Data (2014)
EDUCAUSE

The Evolution and Ascent of the CISO (2014)
EDUCAUSE

Top Information Security Strategic Issues Infographic (2015)
EDUCAUSE

Just in Time Research: Data Breaches in Higher Education (2014)
EDUCASE

US SAFE WEB Act
URMIA University Risk Management and Insurance Association

Federal Laws Relating to Cybersecurity: Overview of Major Issues, Current Laws, and Proposed Legislation
Eric A. Fischer

Just in Time Research: Privacy Practices
EDUCAUSE

Measuring the Effectiveness of Security Awareness Programs
EDUCAUSE

U.S. Dept. of Education "Dear Colleague" Letter on P2P Copyright Infringement
June 4 2010, U.S. Dept. of Education

Social Media Policy Samples Lock
CASE

Employee's Use of Web 2.0: Take this Job and Tweet It
2011, NACUA, Peter Land, Priya Harjani, Youndy Cook

The New Frontiers of Peer-to-Peer Sexual Harassment: Sexting, Cyber-Bullying, and Electronic Harassment
2011, Amy Gajda, Daniel Wilkerson, NACUA

The Need for Student Social Media Policies
2011, EDUCAUSE

7 Things You Should Know About Privacy in Web 2.0 Learning Environments
2011, EDUCAUSE

7 Things You Should Know About Mobile Security
2011, EDUCAUSE

Information Security Program Self-Assessment Tool
EDUCAUSE

7 Things You Should Know About Emergency Notification Systems
2010, EDUCAUSE

Guidelines for Data De-Identification or Anonymization
2010, EDUCAUSE

Confidential Data Handling Blueprint
2009, EDUCAUSE

Practical Information Media Sanitization Guidelines for Higher Education
2009, EDUCAUSE

Data Protection Contractual Language
2009, EDUCAUSE

Data Classification Toolkit
2008, EDUCAUSE

E-Discovery Guideline and Toolkit
EDUCAUSE

Guidelines for Responding To Compulsory Legal Requests for Information
2006, EDUCAUSE

The 2013 Cybersecurity Executive Order: Overview and Considerations for Congress
Catherine A. Theohary, Edward C. Liu, Eric A. Fischer, John W. Rollins, Nov 8 2013

ACUTA Alert: Regulations re Emergency Notification Calls and Text Messages
ACUTA, Mar 29 2012

ACUTA Alert: Federal Rules Governing Destruction of Electronically Stored Information
ACUTA, December 2006

FCC Advisory Guidance for Compliance with Open Internet Transparency Rule
ACUTA, June 30 2011

MOOCs and the Institution's Duties to Protect Students from Themselves and Others: Brave New World or Much Ado About Nothing?
Christina D. Riggs, Joseph C. Monahan, URMIA

Electronic Signatures in Global and National Commerce Act (ESign): The Consumer Consent Provision
Federal Trade Commission

Minimum Security Requirements for Federal Information and Information Systems
March 2006

Massive Open Online Courses (MOOCs): Intellectual Propoerty and Related Issues
June 2013, Madelyn F. Wessel, Megan W. Pierson, NACUA, Robert R. Terrell

Managing the Risk of Data Breaches and Preparing for Security Audits: Lessons Learned from the Field
Isaac Straley, June 2012, Kyhm Penfil, NACUA, Timothy McCrystal

Employee Privacy Issues in the Social Media World
June 2012, NACUA, Peter Land, Priya Harjani, Youndy Cook

Cybersecurity: Authoritative Reports and Resources, by Topic
Rita Tehan