3/5/2013 – A recent security incident at Evernote allowed attackers... Read More
Administrative Data Security Policy and Standards
The University is committed to providing a widely-available campus computing environment consistent with the institution’s mission of teaching, research and service. Equal to this commitment is the responsibility of the organization to ensure the integrity of University data and to encourage and enforce confidential, legal and ethical standards of management and use of these data. An important aspect of this responsibility is the University’s continuing compliance with all applicable federal and state laws governing disclosure of information in these data bases.
General Policies and Standards
All data captured using University assets are resources of the University, but they vary in their relevance to the processes of the University. This policy applies to data critical to the administration of the University. The University of Alabama is the Data Owner of data which may reside in different data base systems, on different machines and in printed form. Data in aggregate may be thought of as forming a logical data base, called The University of Alabama Data Base (UADB). This terminology does not imply that these data now or in the future should reside in a single physical data base. It recognizes that regardless of where the data reside, there are some general principles of data management that should be applied in order to maintain the confidentiality, integrity and availability of the University’s information resources. In addition, legal and ethical standards of use apply to all data available to University computer users. These data include, but are not limited to, information in report form (printed or electronic); data stored on University mainframe data bases, local area networks and individual workstations; and transportable storage media such as diskettes, tape, and CD-ROM.
Responsibility for implementation of these policies and standards is vested in the Office of the President. Responsibility for administration is assigned to the Office for Academic Affairs.
The University considers violation of any of these general policies and standards to be a serious offense and reserves the right to copy and examine any files or information resident on University computer systems allegedly related to inappropriate use. Violators are subject to disciplinary action as prescribed in the appropriate University staff or faculty handbook. Offenders may also be subject to prosecution under applicable federal state and local statutes.