Developing an Enterprise-Wide Privacy and Data Security Training Program Ross T. Janssen, J.D., CIPP Privacy & Security Officer University of Minnesota.

Slides:



Advertisements
Similar presentations
Planning Collaborative Spaces in Libraries
Advertisements

How Will it Help Me Do My Job?
Leader - version.2.0 Building Organizations from the Inside Diana Jones Ritter, CGFM Executive Deputy Comptroller NYS Office of the State Comptroller.
WV High Quality Standards for Schools
The CHE’s Accreditation Criteria QA Forum: Professional bodies February 2012.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
School Based Student Reporting v4.0 1 Version 3 to Version 4 Update Training School Based Student Reporting Version 4.0.
March 29, 2012 Improving Health Outcomes for Children in Foster Care: the Role of Electronic Information Exchange.
Graham Nicholson Director Careers Service University of Dundee Assessment of Personal Transferable Skills.
Supportive Services for Veteran Families (SSVF) Data Bigger Picture Updated 5/22/14.
Security Controls – What Works
Key Communities and Objectives Outcomes- Based Assessment Telling the Story Results Closing the Loop.
Alliance for Strategic Technology (AST) SUNY Business Intelligence Initiative January 8, 2009.
(Geneva, Switzerland, September 2014)
Introduction to Web-Based Learning. Defining Web-Based Instruction Instruction via Internet and Intranet only. Synonymous with online learning.
Copyright 2003 Cuyahoga Community College District Knowledge Management: Making it Fly in Higher Education Presenter: Amy C. Eugene Director, Knowledge.
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
Welcome to the Information Session on Leadership Competency Models
Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.
Georgia Interoperability Network Training Project Overview Mark Hodges Georgia Tech Research Institute.
BUILDING SKILLS AND A BOOK OF BUSINESS AS A STUDENT LOAN CONSULTANT (SCL) AN INSTRUCTIONAL PLAN PRESENTED BY JESSICA MATYE.
Application of E-learning Materials & Processes to Support Police Learning & Development HMIC Desktop Review & Analysis.
NEW TEACHER EVALUATION PROCESS CONNECTING TEACHER PERFORMANCE to ACADEMIC PROGRESS.
PRIME Principal Resource for Information Management Enterprise-wide USAID PRIME 1 USAID/Peru Risk Assessment In-Briefing February 19, 1999 PRIME Principal.
Franklin University Dr. Lewis Chongwony, Instructional Designer
The Integration of Embedded Librarians at Tuskegee University Juanita M. Roberts Director Library Services Ford Motor Company Library/Learning Resources.
Creating a Learning Community Vision
IAEA International Atomic Energy Agency Reviewing Management System and the Interface with Nuclear Security (IRRS Modules 4 and 12) BASIC IRRS TRAINING.
Uniting Cultures, Technology & Applications A Case Study University of New Hampshire.
Slide Heading Enhanced Professional Development Skills Norm Kelson, CPA, CISA, CGEIT The Kelson Group November 18, 2009 © The Kelson Group, 2009.
Information literacy features strongly on the CIT Strategic Plan, the Learning Services Division Business Plan and the Library & Learning Centre Operational.
Concept to Implementation Leadership Team Prototype Implementation Plan First Call for Engagement, Formation of Communities of Practice Formation.
University Web Portals From accessibility to accountability and life-long connectivity. Paul Kim, Ph.D. Chief Technology Officer Stanford University School.
The Student Services Assessment Institute (SSAI): Creating a Culture of Assessment through Professional Development Kim Black, Ph.D. Stephanie Torrez,
Information Technology Study Fiscal Crisis and Management Assistance Team (FCMAT) Las Virgenes Unified School District Presented By: Leslie Barnes Steve.
Top Issues Facing Information Technology at UAB Sheila M. Sanders UAB Vice President Information Technology February 8, 2007.
Using Blackboard for blended learning Delivering the Geography curriculum at Kingston College This talk will give an overview of the assessment features.
ENHANCING PATHWAYS INTO CARE MANCHESTER. KEY RECOMMENDATIONS FROM MANCHESTER MENTAL HEALTH AND SOCIAL CARE TRUST Data collection: – ensure consistency.
ROLE OF THE FACULTY PLA with a Purpose Symposium: Launching Practical Steps to Engage Adult Learners American Council on Education American Council on.
Institutional Considerations
A. Rani Elwy, PhD & Rob Schadt, EdD CEIT, March 2, 2012.
State Support System for Districts New Hampshire Department of Education.
WHO Global Standards. 5 Key Areas for Global Standards Program graduates Program graduates Program development and revision Program development and revision.
Anderson County Schools. 1. Providing technology to support instruction and to assist with stakeholder communication. 2. Identifying and providing new.
Outsourcing Student at USC Institute for Computer Policy and Law Cornell University, August 2008 Asbed Bedrossian Director of Enterprise Applications.
Addressing Unauthorized Release of Personal Information at UC Davis August 12, 2003.
Transitions: Becoming a College Teacher Purpose What is being done to prepare community college faculty to become effective instructors? What is being.
ELearning Committee Strategic Plan, A Brief History of the ELC Committee Developed and Charged (2004) CMS Evaluation and RFP Process (2004)
How do you eat an elephant? Janet May April 21, 2010.
Lighthouse Junior Our School Metaphor. Governance Curriculum Climate Staffing WE WILL EXAMINE THE FOLLOWING TOPICS:
The Impact of Evolving IT Security Concerns On Cornell Information Technology Policy.
Strategic Approaches to Improving Ethical Behavior
Staffing and training. Objectives To understand approaches to the development of strategies and policies for staffing of a Regulatory Authority including.
Resource Sharing Begins at Home Opportunities for Library Partnerships on a University Campus Robert A. Seal Dean of University Libraries Loyola University.
EDUCATIONAL TECHNOLOGY IN THE ASIA PACIFIC REGION
Developing networked learner support in UK higher education Perspectives from the NetLinkS project Phil Levy, UK-Nordic Conference 1997.
Information Technology Services Strategic Directions Approach and Proposal “Charting Our Course”
NACDD Hill Day: Legislative Visits What to Expect Mari T. Brick, MA Program Consultant, NACDD
Information Technology Assessment Findings Presented to the colleges of the State Center Community College District.
Tom L Thompson – Higher Education Consultant Sandi Patton – Lone Star College System Deborah Larew, Ed. D., – Valencia College System.
Installation and Maintenance of Health IT Systems Unit 8a Troubleshooting; Maintenance and Upgrades; and Interaction with Vendors, Developers, and Users.
Position Proposal: Digital Communications Coordinator.
Building a BA Center of Excellence Gain Momentum...Produce Results!
Sydney Region Computer Coordinators November 2004.
Blackboard Learn 9.1 Communicating with Students © 2010 Blackboard Inc. All rights reserved.
Paul T. Smith Davis Wright Tremaine LLP
to Enhance Student Success
Creating a University IT Service Portfolio
Cynthia Curry, Director National AEM Center
Information Technology Organization Overview RFP #220-05
Presentation transcript:

Developing an Enterprise-Wide Privacy and Data Security Training Program Ross T. Janssen, J.D., CIPP Privacy & Security Officer University of Minnesota John T. Jensen, CHPS, CIPP Assistant Director Privacy & Security Office University of Minnesota

Outline Drivers Organizational Complexity Key Project Components Costs and Timelines Lessons Learned Questions

Drivers Incidents Notification law New IT security laws Leverage resources Lots of regulation

Complexity of Higher Education –Multi-part missions –Culture of Openness –Decentralized Organization –Need for Privacy and Security –Diverse stakeholders –Regulations –Community Expectations

Developing a Balanced Approach: Key Assumptions University faculty, staff, and students create, use, access, store, and share private data. Must understand human dimensions as well as acknowledge the need to address not only what is required (law) but also what is expected (from the community).

Key Project Components Analysis & Planning Curriculum & Instructional Design Content Development Training Delivery & Tracking Awareness & Communications Evaluation & Measurements Reporting

Analysis & Planning Process Key Findings –Content –Technology and delivery –Patterns of use –challenges Recommendations

Analysis & Planning Mandatory or voluntary Role based? Scope measurements Opportunities

Purpose Educate users about institutional expectations. Educate users about good IT practices. Enhance productivity through standard practices.

Course Curriculum Data Security in Your Job Securing Your Computer Workstation Using University Data Self Assessment Personnel DataStudent Data Health DataFinancial Data Faculty, Managers, & Supervisors

Content Development Principal v. topical Identify subject matter experts Policy translation Course objectives Identify resources Lots and lots and lots of time!

Training Delivery & Tracking Privacy Coordinator/Liaison Structure Leveraging Existing Infrastructure –Human Resources System (PeopleSoft) –University portal ( –Database (Oracle) –eLearning System (WebCT – Blackboard) – Tracking & Delivery Enhancements –Tiered assignments for timed delivery –Reports

Communications & Awareness Challenges –Decentralized communication infrastructures –Multiple web identities –Communicating to Faculty –Communicating to research personnel “I work with rats, not data”

Communications & Awareness –A Multi-Tiered Approach –Packaged Communications (Mailings, Posters, Logos, Banners, etc) –Strategic Communications (Memorandums, electronic notices of course assignments, in- person meetings, Scripts for supervisors and coordinators)

Communications & Awareness - Packaged

Measurements : Evaluation & Reporting 1. I am confident that I can secure my work environment and the private data I may use in my job. 2. I am confident that I can identify resources for securing my computer workstation. 3. I am confident that I can create and use strong passwords. 4. I am confident that I can recognize actions that increase security risk. 5. I am confident that I can use best practices to reduce the risks associated with using and sharing University private data. 6. I am confident that I can identify security issues and take appropriate action to address them. 7. I am confident that I can identify what University data are private and what University data are public. Assessing Confidence Levels: Before and After Training

Costs and Timelines ComponentTimeCosts Analysis & Planning (front-end analysis) 80 hours (.5 months) $15,000 consultants only Curriculum & Instructional Design Content Development 1,500 hours (9+ months) $110,000 consultants only Training Delivery & Tracking Reporting 1,700 hours (10+ months) $170,000 business analyst and programmers Awareness & Communications500 hours (3+ months) $35,000 designers, consultants, materials Evaluation80 hours (.5 months) $7,000 Total23 months*$337,000*

Contact Information Privacy & Security Office University of Minnesota Ross T. Janssen, JD, CIPP John T. Jensen, CHPS, CIPP

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.