Educause Security Discussion
mailing list archives
Re: Federal laws applicable to Universities
From: Dan Han <s2dhan () VCU EDU>
Date: Thu, 7 Nov 2013 21:09:40 -0500
Aside from what was mentioned already, If you are involved in research,
don't forget the export control laws (ITAR, EAR, OFAC regulations) as well.
Also PPRA, COPPA if research with minors are involved.
FTC has the Red Flag rule, section 5, Stares usually has its own data
protection laws. The list goes on and on...
I always tell people that Higher ed is pretty much regulated by nearly all
regulations under the sun... Except for SOX, even the requirements there
have somewhat permeated into higher ed.
VIrginia Commonwealth University
On Thursday, November 7, 2013, Francisco Pérez wrote:
I know that FERPA, HIPAA( if healthcare data) and maybe PCI are applicable
to Universities on the US. But there is any other federal laws applicable
or that Universities need to comply with?. Just working on fundamental laws
for IT Compliance on Universities.
Will appreciate your comments.
Information System Office
UPR-Medical Sciences Campus
'francisco.perez12 () upr edu');>
Confidentiality Notice: Any use, review, distribution or copying of this
communication by anyone other than the named recipient(s) is strictly
prohibited. Please notify the sender immediately by e-mail if you have
received this e-mail by error and delete this e-mail from your system.
Please print this email only when necessary.
Virginia Commonwealth University
Sent from my mobile device