Last Edit: 10/23/2017
Purpose
This document outlines processes for identification, reporting, and response to a data breach, systems compromise, or other electronic security incident. CCIT is obligated and committed to compliance with University policy, as well as city, state, and federal laws. This policy provides guidance when there is a breach in acquisition, access, use, or disclosure of sensitive information. Data may be protected under FERPA, HIPAA, and GDPR regulations.