Policies, Standards and Compliance
In order to protect information, organizations need to implement rules and controls around the protection of information and the systems that store and process this information. This is commonly achieved through the implementation of information security policies, standards, and guidelines. Additionally, some policies are written to ensure compliance with Federal, State, UT System or other requirements. Using a model of “Trust but Verify”, these policies and standards can then be audited to validate compliance.
UTRGV AUP (Acceptable Use Policy)
Portable System Check Out Security Standard
Two-Factor Authentication Standard
Data Protection Standard for Personally Owned Mobile Devices
PowerBroker Procedures and Standards
Information Security Program Manual
Data Classification
- Data Classification Standard
- Extended list of Confidential Data
- Data Storage Guide
- Minimum Security Standards for Data Stewardship
Federal
Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. Read more
The Health Insurance Portability and Accountability Act (HIPPA), is the privacy rule that establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. Read more
The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data. Read more
Industry
The Payment Card Industry (PCI) Data Security Standard (DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. Read more
The National Institute of Standards and Technology (NIST) was founded in 1901 and now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories. Congress established the agency to remove a major challenge to U.S. industrial competitiveness at the time—a second-rate measurement infrastructure that lagged behind the capabilities of the United Kingdom, Germany, and other economic rivals.
From the smart electric power grid and electronic health records to atomic clocks, advanced nanomaterials, and computer chips, innumerable products and services rely in some way on technology, measurement, and standards provided by the National Institute of Standards and Technology.
Today, NIST measurements support the smallest of technologies to the largest and most complex of human-made creations—from nanoscale devices so tiny that tens of thousands can fit on the end of a single human hair up to earthquake-resistant skyscrapers and global communication networks. Read more