To Home Page To Home Page
General Description
Policy Provisions
Performance Evaluation
Subject Experts
Information Accessibility

Document Number: REDFLAG--109 Revision #: 1.0
Document Owner: Date Last Updated: 11/03/2015
Primary Author: Status: Approved
Date Originally Created: 12/15/2011

General Description

Information about information accessibility relative to Red Flags Identity Theft Policy.


Delineation of policy.


All faculty, staff, students, and administrators

Responsibility: Administration
VP of Business and Finance

Back to Top

Relevant Knowledge: In order to comply with this policy you should know:
Current University policy
Federal statutes
Local statutes
Standard company policies
Standards of good practice
State statutes

Terms and Definitions: Additional training

Corrective Action

Loss of privilege, general

Back to Top

Policy Provisions

Information Accessibility


Hard Copy Accessibility

1. Entrances and Exits

· All facility entrances and exits that are determined not for public use will remain locked at all times, unless it violates fire code.


2. Mail Accessibility

· Mail must be kept in a secure area until requested by the postal carrier or received internally by the intended recipient who shows at least one photo identification to the mail handler.


3. Surveillance Equipment

· The University reserves the right to use cameras and other surveillance equipment to monitor public, operations, and restricted areas.


4. Employee Authorization

· Every employee will be thoroughly trained before being authorized to handle CSI.

· Employees shall only handle CSI for a legitimate business purpose and that is a function of their job responsibilities.

· A written procedure and checklist will be used by management to terminate access when an employee is terminated from service.


5. Service Provider Accessibility

· Service providers shall only handle CSI for a legitimate business purpose and that is a function of their job responsibilities as stated in their service provider agreements.



Soft Copy Accessibility

1. Technology System Audits

· The University will conduct periodic technology system audits to test the integrity of technology information systems no less than annually.


2. Logging on and off Computers

· Only authorized personnel may log onto University networks and equipment.

· All personnel are required to log off computers when not in use.


3. Passwords

· Employees shall use strong passwords containing a combination of numbers, letters, and characters. Passwords should be changed no less than once every (90) ninety days.


4. Personal Use of Technology Equipment

· Employees are permitted to browse the internet with company equipment only for company purposes.

· Employees are permitted to instant message using company equipment only for company purposes.

· Employees are permitted to check personal email on company equipment.


5. Remote Access

· Remote access to University networks must be approved using IT protocols and said access must be done with authorized resources.


Back to Top

Performance Evaluation
Performance Metrics: Compliance with standard policy and procedure
Compliance with federal mandate

Consequences: Further training
Loss of privileges

Back to Top

Subject Experts
The following may be consulted for additional information.

VP of Business and Finance

Back to Top

This page created 11/03/2015 using Zavanta® version 7.3