Data Protection Standards - Data Protection Requirements

Date Issued

11-30-2018

Document Type

Policy

Purpose

This Guideline complements the Data Classification Policy by defining (1) the requirements for handling and protecting information at each stage of its lifecycle from creation to destruction and (2) the minimum security standards required for any electronic device that may be used to access or store Sensitive Information owned or used by University of Health Sciences and Pharmacy.

Sensitive Information is University Data that is classified as Internal, Confidential, or Restricted Use. See the Data Classification Policy for definitions and examples of each of these classifications.

Public (non-Sensitive) Information does not require any level of protection from disclosure but appropriate precautions should be taken to protect original (source) documents from unauthorized modification.

Applies to all active members of the University community, including faculty, students, staff, and affiliates, and to authorized visitors, guests, and others for whom University technology resources and network access are made available by the University. This policy also applies to campus visitors who avail themselves of the University’s temporary visitor wireless network access, and to those who register their computers and other devices through Conference and Event Services programs or through other offices, for use of the campus network.

Responsible Party

Information Technology

Recommended Citation

"Data Protection Standards - Data Protection Requirements" (2018). Information Technology Policies. 5.
https://collections.uhsp.edu/informationtechnologypolicies/5