Re: Data "Sharing" Policy

[Bob Kalal <kalal.1 () OSU EDU>]

Ohio State's Institutional Data Policy addresses many of these issues. You can find it at 
http://cio.osu.edu/policies/institutional_data/

Bob Kalal
Director (Retired), Information Technology Policy
Office of the CIO
The Ohio State University

On Sep 2, 2011, at 10:40 AM, Kevin Casey wrote:

> Good morning.  Does anyone have a written policy they could share governing how sensitive data should "move" across 
> your organization?  We have a situation where individuals/departments are (for example) collecting info from 
> prospective students on their own via the Web. 
>  
> We need a policy that not only addresses this use of home-grown forms, but also sending sensitive info via 
> (unencrypted) email, etc., and even via non-digital means (e.g. applications with SS#s in a briefcase taken off 
> campus).  We also need to define what "sensitive," "confidential," etc. means in the context of data....
>  
> We have an "acceptable use" policy that mentions this topic, but with inadequate specificity.
>  
>  
> Thanks,
>  
> Kevin
>  
> __________________________________________
> Kevin Casey 
> Executive Director
> Information Resources
> Phone:  (207) 941-7123
> Fax:  (207) 941-7988
> caseyk () husson edu
>  Husson University
>  www.husson.edu
>   
>  
>  
>