 |
Breach Notification Procedures |
|
Personal Non-Public Information Policy Protecting Personal Non-Public Information Responsible Computing
|
|
Notification is required when the security of high risk personal non-public information is compromised.The University's breach notification procedures are in place to ensure that University community members are informed when there is a breach in the security of their highly sensitive personal information - e.g. when there is a risk of identity theft. Following the discovery of a breach in the security of a system - including theft of a computer - in which a computer forensic analysis indicates there is a reasonable expectation that unencrypted high risk personal non-public information has been viewed or taken, University policy is to notify all persons whose personal information might have been acquired by unauthorized person(s) of the breach of the security of their personal information. What is high risk personal non-public information? What are the department's responsibilities? How quickly do notices have to be sent? What is breach of security of the system?
Questions / comments?
|
