May 2, East Lansing, Michigan

June 4, Columbia, South Carolina

Major Initiatives Resources Professional Development Community About EDUCAUSE

You are receiving this message because your browser is not JavaScript-enabled. We recommend you enable JavaScript in your browser, which is required to exploit the full functionality of the EDUCAUSE Web site, to ensure the best possible experience on our site.

A Blueprint for Handling Sensitive Data: Security, Privacy, and Other Considerations

Information security risks at colleges and universities present challenging legal, policy, technical, and operational issues. According to a recent study by the EDUCAUSE Center for Applied Research (ECAR), security incidents have resulted in compromises of personal information which have led to bad publicity and the potential for identity theft. Among the steps to protect sensitive data include an information security risk management program, data classification policies, clearly defined roles and responsibilities, awareness programs, and technology solutions among other interventions. This seminar will outline a blueprint for protecting sensitive data according to the EDUCAUSE/Internet2 Security Task Force.

Intended Audience

This seminar is designed for the following audience:

Data Stewards, Data Trustees, and Data Custodians
Information Security Professionals
IT Directors and Managers
Privacy Officers

Risk Managers
Policy Administrators
Auditors

Presenters

For May 2 in East Lansing, Michigan—UPDATED!

Rodney J. Petersen
Government Relations Officer and Security Task Force Coordinator
EDUCAUSE

David Escalante
Director of Computer Policy & Security
Boston College

For January 25 in Los Angeles, California

H. Morrow Long
Director
Information Security Office
Yale University

Krizi Trivisani
Chief Security Officer
George Washington University

Resources

Tools

Articles

"A Unified Approach to Information Security Compliance" by M. Peter Adler, EDUCAUSE Review (2006)
"The Privacy and Security Policy Vacuum in Higher Education" by Fred H. Cate, EDUCAUSE Review (2006)
"Presidents and Campus Cybersecurity" by Joy R. Hughes and Jack Suess, EDUCAUSE Review (2005)
"Addressing Information Security Risk" by Mohammad H. Qayoumi and Carol Woody, EDUCAUSE Quarterly (2005)
"Security Breaches: Notification, Treatment, and Prevention" by Rodney Petersen, EDUCAUSE Review (2005)
"The 'Zen' of Risk Assessment" by Cedric Bennett and Richard Jacik, EDUCAUSE Quarterly (2005)

Need Help? | Feedback | Privacy Policy

Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.