Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Federal laws applicable to Universities
From: Dan Han <s2dhan () VCU EDU>
Date: Thu, 7 Nov 2013 21:09:40 -0500

Aside from what was mentioned already, If you are involved in research,
don't forget the export control laws (ITAR, EAR, OFAC regulations) as well.

Also PPRA, COPPA if research with minors are involved.

FTC has the Red Flag rule, section 5, Stares usually has its own data
protection laws. The list goes on and on...

I always tell people that Higher ed is pretty much regulated by nearly all
regulations under the sun... Except for SOX, even the requirements there
have somewhat permeated into higher ed.


Dan Han
VIrginia Commonwealth University

On Thursday, November 7, 2013, Francisco Pérez wrote:

I know that FERPA, HIPAA( if healthcare data) and maybe PCI are applicable
to Universities on the US. But there is any other federal laws applicable
or that Universities need to comply with?. Just working on fundamental laws
for IT Compliance on Universities.

Will appreciate your comments.

--
*Francisco Pérez*
Information System Office
UPR-Medical Sciences Campus
francisco.perez12 () upr edu <javascript:_e({}, 'cvml',
'francisco.perez12 () upr edu');>
www.rcm.upr.edu

Confidentiality Notice: Any use, review, distribution or copying of this
communication by anyone other than the named recipient(s) is strictly
prohibited. Please notify the sender immediately by e-mail if you have
received this e-mail by error and delete this e-mail from your system.

Please print this email only when necessary.



-- 
Dan Han
Virginia Commonwealth University

Sent from my mobile device

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault