Educause Security Discussion mailing list archives
External Incident Notification Involving a Constituency
From: "Barton, Robert W." <bartonrt () LEWISU EDU>
Date: Wed, 30 Oct 2019 18:00:33 +0000
Afternoon, For those that do a notice of breaches of other entities, that involve your constituents, why? We have a little bit of a debate here as to IF, HOW OFTEN, and/or HOW we notify for breaches of third party systems that release information pertaining to us. If you do, why? If you don't, why not? I have a short list of why or why not, but I would like to hear from others. Has anybody found a best practice on the subject? Robert W. Barton Executive Director of Information Security and Policy Lewis University One University Parkway Romeoville, IL 60446-2200 815-836-5663 This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone at (815)-836-5950 and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you. ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- External Incident Notification Involving a Constituency Barton, Robert W. (Oct 31)
- Re: External Incident Notification Involving a Constituency Boyd, Daniel (Oct 31)