Presentation is loading. Please wait.

Presentation is loading. Please wait.

Research & Economic Development Office of Grants and Contracts Administration Data Security Presented by Debbie Bolick September 24, 2015.

Published byAlexina Miles Modified over 8 years ago

Similar presentations

Presentation on theme: "Research & Economic Development Office of Grants and Contracts Administration Data Security Presented by Debbie Bolick September 24, 2015."— Presentation transcript:

1 Research & Economic Development Office of Grants and Contracts Administration Data Security Presented by Debbie Bolick September 24, 2015

2 Data Security Data security Means safeguarding data, from being lost, modified, or unauthorized access Monitoring That responsible parties are compliant with security plans Termination Disposition or Sanitization of Data

3 What type of Data is being protected? Defined personally identifiable information Information that can be used to distinguish or track an individual’s identity such as name, SSN, or biometric information Indirect identification using information in conjunction with other data elements to reasonably infer the identity of a respondent such as a combination of gender, race, date of birth, geographic indicators, or other descriptors Non-identifiable information Tracking purposes

4 CIPSEA Confidential Information Protection and Statistical Efficiency Act of 2002 (CIPSEA), Implemented June 15, 2007 Provides strong confidentiality protections for statistical information collections sponsored by or conducted by more than 70 Federal agencies Establishes uniform policy across Federal agencies Authorizes data sharing among specified agencies (Bureaus of Economic Analysis, Labor Statistics and Census) to include identifiable data CIPSEA data may only be used for statistical purposes

5 CIPSEA Penalties for non-compliance Class E felony with imprisonment of not more than five (5) years Fine of not more than $250,000

6 CIPSEA Implementation Guidance Harmonized principles and processes and set minimum standards Utilized best practices for handling Addressed intersection between CIPSEA and Privacy Act of 1974 for non-statistical uses

7 Authority Federal agencies empowered to make determination about the sensitivity of their information used for statistical purposes under a pledge of confidentiality Applies to local and state governments collecting data for federal agencies Special procedures required for use of laptop computers, PDAs, zip drives, floppy disks, CDROMs or any other IT devices

8 Minimum Standards All persons with access understand his/her responsibility related to maintaining confidentiality of information Monitoring procedures for collection and release Evaluating the reason for and controlling access Maintaining physical and information systems security Required Training Overview of protection procedures Limit access to those with a “need to know” Physical and information systems security procedures must be in place Penalties

9 Ensure Controls

10 311.9 Regulation Regarding Third Party Data Subject to Contractual Access Data Security at UNC Charlotte pursuant to Policy 311.9 Implemented February 2011 Policy for handling and safeguarding electronic third part y data Received from third parties Subject to contractual access restrictions. Ensures that adequate precautions are implemented prior to receiving such data Maintain the security and confidentiality of covered data; and Protect against the unauthorized access or use of such records or information in ways that could violate the University’s agreements with third parties who supply such data.

11 Initiate Request for Data? Data Security Officer ) First Point of Contact Data Security Plan Checklist University Signatory Data Use Agreement Document Repository Submits to Agency Data Sponsor Agency releases Data to PI PI

12 Ongoing Monitoring College Data Security Officer Central IT Random audits Collaborative role PI (Lead Custodian) cannot be a student Authorizes Updates and monitor Students Research staff Signs Use Agreement System of Record Signatory Unit Responsible Party Information Security Internal Audit

13 DSO list Data Security Officers Effective April 2015 Charles Andrews......Metropolitan Studies and Extended Academic Programs William Ardern.........William States Lee College of Engineering Brian Bard................Student Health Center Tim Carmichael........Belk College of Business Alex Chapin..............College of Liberal Arts & Sciences Rose Diaz.................College of Arts + Architecture Dane Hughes............College of Education Joe Matesich.............College of Computing and Informatics Michael Moore...........College of Health and Human Service

14 Resources College Data Security Officers http://itservices.uncc.edu/home/it-policies-standards/data-security-officers IT Policies & Standards http://itservices.uncc.edu/home/it-policies-standards Security Awareness Training http://itservices.uncc.edu/home/information-security/information- assurance/security-awareness-training Human Subjects (IRB) http://research.uncc.edu/departments/office-research- compliance-orc/human-subjectshttp://research.uncc.edu/departments/office-research- compliance-orc/human-subjects Checklist & Data Security Plan http://research.uncc.edu/departments/office-research-compliance- orc/human-subjects/3rd-party-data-requirements

15 QUESTIONS?

Download ppt "Research & Economic Development Office of Grants and Contracts Administration Data Security Presented by Debbie Bolick September 24, 2015."

Similar presentations

The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.

The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
Overview of the Privacy Act

Overview of the Privacy Act
National Science Foundation Division of Science Resources Statistics May 15 2008 The Confidential Information Protection and Statistical Efficiency Act.

National Science Foundation Division of Science Resources Statistics May The Confidential Information Protection and Statistical Efficiency Act.
1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.

1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.

Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
Prepared by the Office of Grants and Contracts1 COST SHARING.

Prepared by the Office of Grants and Contracts1 COST SHARING.
NCES Data Confidentiality and Data Licensing Program Marilyn Seastrom July, 2013 Washington, DC.

NCES Data Confidentiality and Data Licensing Program Marilyn Seastrom July, 2013 Washington, DC.

Similar presentations

Ads by Google