Skip to main content

Policies

Go Search
Home
  
Policies > Wiki Pages > Government Regulation Compliance  

Government Regulation Compliance

Purpose:

Government regulation affects a wide range of core Worcester State business activities. The primary purpose of regulation is to protect consumers, however, it also benefits industry by providing consistent standards and practices to which all must adhere. It is incumbent on all staff to ensure regulatory compliance, and information systems security plays a prominent role in that process. Failure to comply could expose the University to a range of serious consequences including litigation, loss of revenue, loss of market share, and loss of public trust and confidence.

 

Statement:

All Worcester State information and information system protection solutions must comply with all applicable government laws, regulations, and directives. [e.g. 201CMR(17), FERPA, HEOA, etc.]

 

Description:

  • Worcester State must evaluate its information system assets relative to government regulation and compliance to ascertain what data and resources require protection, their criticality, and the appropriate protection mechanisms.
  • Protection solutions must directly address:
    • Confidentiality, integrity, authenticity, and availability of information assets.
    • Control and accountability for system and information asset access.
 

Additional Information:

 

 

Approved By: Managers and CIO

 

Date of Origination: 5/11/2008

 

Last Reviewed:  4/23/2012

Last modified at 5/2/2012 10:16 AM  by Ramsdell, Nancy