- Created by Justin Lytle - Admin, last modified on Jul 30, 2020
Policy identification number: IT-0002 | ||
File: Information Technology Policies | ||
Storage and Handling of Data | ||
Policy Summary This policy establishes the requirements and responsibilities regarding the storage and handling of classified data. | ||
Policy Owner Vice President, Finance & Administration | Approval Date January 30, 2019 | Effective Date January 30, 2019 |
Search Terms storage, handling, data, s, vpfa | Scheduled for Review Spring 2024 |
I. GeneralFaculty, staff and employees of Fort Lewis College have the responsibility to protect information resources for which they are in care of. Each person and office is expected to:
|
II. Data Storage and Handling Requirements
|
III. Storage and Handling Best Practices
|
IV. Reason for PolicyFort Lewis College is committed to protecting the reputation, safety, and privacy of the individuals that make up our community. Establishing best practices around the handling of data helps prevent the unauthorized disclosure of sensitive information and ensure compliance with data privacy laws and regulations. |
V. ResponsibilitiesFor following the policy: All employees and contracted vendors For enforcement of the policy: Information Security Officer For oversight of the policy: Vice President for Finance & Administration For notification of policy: Policy Librarian |
VI. DefinitionsElectronic Documents: Electronic documents are created and stored on a computer system or application. Common types electronic documents include emails, database tables and reports, web pages, spreadsheets, text files, presentations, and digital images. Mobile Devices: A portable computing device, such as laptops, tablets, smart phone. Encryption: A technology that protects electronic documents and system drives by converting the data to a format that is unreadable to those with unauthorized access. Password protection of electronic documents is not an adequate substitute for encryption. |
VII. Cross-Referenced PoliciesClassification of Data Policy |
VIII. Consequences of Non-ComplianceConfidential data is protected by State, Federal, and International laws and regulations. Failure to properly manage data can result in disciplinary actions, penalties and other consequences for the individual and department. Violations shall be handled consistent with College disciplinary procedures. The College may refer suspected violations of applicable law to appropriate law enforcement agencies. The College may suspend, block or restrict access to information and network resources if necessary to protect the integrity, availability, and/or confidentiality of College information or to protect the College from liability. |
IX. Revision HistoryNew policy January 2019 |