Re: Security and Privacy Positions - FTEs

["Gregg, Christopher S." <csgregg () STTHOMAS EDU>]

1. how many of your security offices are responsible for Privacy. 

Partially, and unofficially.  There is no official privacy role, position, or department at our institution.  I 
collaborate with our in-house counsel and stakeholder departments to try to make sure we're at least meeting the 
compliance requirements.

2. How many full or part time dedicated staff you have to focus on Privacy.  Title of position(s) if applicable. 

A small portion of my time.

3.  Brief scope of statement of Privacy at your institution ( roles, responsibilities, and the best- authority).

See answer to question #1.

Thanks,

Chris


Chris Gregg
Associate Vice President of Information Security & Risk Management, CISO
Information Technology Services (ITS)
csgregg () stthomas edu
p 1 (651) 962-6265
University of St. Thomas | stthomas.edu 





-----Original Message-----
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Cathy Hubbs
Sent: Monday, October 8, 2018 7:59 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Security and Privacy Positions - FTEs

Good morning everyone,
There is talk of adding Privacy to the office of the CISO ( security program equivalent) at our university. 

I am interested in learning more about...

1. how many of your security offices are responsible for Privacy. 

2. How many full or part time dedicated staff you have to focus on Privacy.  Title of position(s) if applicable. 

3.  Brief scope of statement of Privacy at your institution ( roles, responsibilities, and the best- authority). 

Thank you! 

More than happy to take answers/conversation offline. 

Cathy Hubbs, CISO
American University 
Washington DC