Educause Security Discussion mailing list archives

Re: anonymous reporting?

From: Krizi Trivisani <krizi () GWU EDU>
Date: Wed, 4 May 2005 13:40:57 -0400

Hi Chad,

Here at GW we have a Regulatory Compliance Help and Referral Line.  The
program encourages faculty, staff and students to report suspected
noncompliance, fraud, waste, abuse and unethical or illegal activities
using a toll free number (1-888-508-5275). Callers can stay anonymous
without fear of retaliation. The University's Compliance and Privacy
Office will insure that allegations are thoroughly investigated and that
appropriate corrective actions are taken, if needed.  Security incidents
are one of the categories covered (with high, medium, and low
classifications w/ associated mandatory response times).

A brochure that explains the operations of the Regulatory Compliance
Help and Referral Line has been distributed to all employees.   If you
would like a copy of our brochure or more information, just let me know.

Regards,
Krizi

*******************************************
Krizi Trivisani, CISSP
Director of Systems Security Operations
Chief Security Officer
The George Washington University
202/994-7803
krizi () gwu edu



David Grisham wrote:

 our health science center including the hospital allows both
telephone and web anonymous reporting (we  see it as a component of
HIPAA).  We have to have this route for privacy so we are using the
same contacts for security incidents. Cheers. -grish
David D. Grisham, Ph.D.,  CISM, CHS III
Information Security Officer,
UNM Hospitals, Information Technology
1650 University Blvd,  S.500, Albuquerque, NM 87102
Ph: (505) 272-5657 FAX 272-3305
Work email:  dgrisham () salud unm edu
Adjunct Faculty, Computer Science, UNM
Academic & personal email:  dave () unm edu

chad.mcdonald () GCSU EDU 5/4/2005 9:18 AM >>>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

How many of you provide a mechanism for the anonymous reporting of
information security incidents?  What mechanism do you use (phone
number, web form, etc)?

Thanks,
Chad McDonald, CISSP
Chief Information Security Officer
Georgia College & State University
478.445.4473  Office
478.454.8250 Cell
478.445.1202 Fax


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQnjn0TNg/DEZZq7MEQJuegCg2fWYwi/QS+YET58x5vsUL7eNTpUAn3vX
AMYDQcXq+Zy10giKdMQ5MomH
=BHa1
-----END PGP SIGNATURE-----

**********
Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this
EDUCAUSE Discussion Group discussion list can be found at
http://www.educause.edu/groups/.


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Current thread:

anonymous reporting? Chad McDonald (May 04)
- <Possible follow-ups>
- Re: anonymous reporting? David Grisham (May 04)
- Re: anonymous reporting? Austin Winkleman (May 04)
- Re: anonymous reporting? Krizi Trivisani (May 04)
- Re: anonymous reporting? Brock, Adam (May 04)