Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Federal laws applicable to Universities
From: Tracy Beth Mitrano <tbm3 () CORNELL EDU>
Date: Thu, 7 Nov 2013 21:03:01 +0000

Michael beat me to the punch with a better list, but here are some big hitters I was pulling up for you when his 
message came in.  Links are not the definitive for implementation, just an idea of what it is about.

Don't forget FISMA:  http://csrc.nist.gov/drivers/documents/FISMA-final.pdf

and HITECH:  http://www.hhs.gov/ocr/privacy/hipaa/administrative/enforcementrule/hitechenforcementifr.html

and GLBA:  http://www.hhs.gov/ocr/privacy/hipaa/administrative/enforcementrule/hitechenforcementifr.html


On Nov 7, 2013, at 3:43 PM, Francisco Pérez <francisco.perez12 () UPR EDU<mailto:francisco.perez12 () UPR EDU>>

I know that FERPA, HIPAA( if healthcare data) and maybe PCI are applicable to Universities on the US. But there is any 
other federal laws applicable or that Universities need to comply with?. Just working on fundamental laws for IT 
Compliance on Universities.

Will appreciate your comments.

Francisco Pérez
Information System Office
UPR-Medical Sciences Campus
francisco.perez12 () upr edu<mailto:francisco.perez12 () upr edu>

Confidentiality Notice: Any use, review, distribution or copying of this communication by anyone other than the named 
recipient(s) is strictly prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by 
error and delete this e-mail from your system.

Please print this email only when necessary.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]