Information Security Policy
Purpose
TCU provides access to information in order to further its mission while maintaining the privacy and accuracy of that information. The university is composed of various constituencies which include teachers, researchers, students, residents, employees, alumni and guests. It is important to fulfill the information needs of these groups while protecting the data.
This policy outlines the rights and responsibilities of the individual as well as those of TCU pertaining to information access, storage and delivery. In addition this policy contains references to related policies, procedures and guidelines that specify in more detail how these rights and responsibilities are to be carried out.
Responsibilities
Every individual is responsible for the information which they control. They are responsible for the confidentiality, integrity, and availability of that information. The scope of this may range from responsibility for the information of large groups to the protection of a single individual’s password. Every user is responsible for following all the relevant security policies and procedures involving electronic information and for protecting the resources under their control.
The following are references, policies and procedures that pertain to information access, and network usage.
- TCU Network and Computer Usage Policy
- TCU Sensitive Personal Information (SPI) Policy
- TCU Data Classification Policy
- Student Code of Conduct
- TCU Computing Password Policy
- IT Remote Access Policy
- TCU Credit Card Policy
- TCU Intellectual Property Policy and Procedure
The following are references, policies and procedures that deal with the storage and dissemination of information as well as the security of computing equipment. As with information, every user is responsible for the security of equipment under their control.
- TCU Web Policy
- Email Retention and Backup Schedule
- Non-IT Server Policy
- TCU Computer Technology Acquisitions Policy
- Alarm Systems Policy
TCU and all individuals associated with the university are bound by any applicable local, state and federal laws. The following policies and procedures describe in more detail how TCU complies with some of these laws.
- Gramm-Leach-Bliley Act (GLBA)
- Family Educational Rights and Privacy Act (FERPA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Digital Millennium Copyright Act (DMCA)
Rights
TCU respects the rights of the individual and the concept of “Academic Freedom”. TCU provides access to information, the TCU network, the internet, computing facilities and equipment as described above in order to help further the mission of the university. In addition the following policies discuss specific rights of the user.
- TCU Privacy of Information Policy
- IT Procedure for Handling Personal Information Requests
- Student Grievance Policy (from the Student Handbook)
- Faculty and Staff Grievance Policy (from the Faculty Staff Handbook)