This Regulation summarizes UNC Charlotte’s comprehensive security program (the “Program”) for handling electronic data that is (a) received from third parties and (b) subject to contractual access restrictions. Such restrictions generally require the execution of agreements under such names as Data Sharing Agreement,Restricted Use Agreement, Restricted Use Data Agreement and License, Restricted Data Use Agreement,Limited Data Set Use Agreement, etc.
With the implementation of the Banner system, UNC Charlotte will start the migration from using social security numbers (SSNs) as primary personal identification numbers for students and employees to an alternate ID.
Even after the Banner system is in effect, there will still be legitimate uses of the SSN on campus. Therefore,University employees who have access to SSNs must comply with the following regulations both prior to and after the Banner system is implemented:
It is the policy of the University of North Carolina at Charlotte to safeguard all classified information as required in the National Industrial Security Program Operating Manual (NISPOM). As such, the University has published "University of North Carolina at Charlotte Standard Practice Procedures," which outline the security program at our facility. Those Standard Practice Procedures are maintained in the office of the Facility Security Officer and the Deputy Facility Security Officer.
I. Executive Summary and Purpose
The purpose of this regulation is to establish requirements for faculty, staff, students and other authorized users regarding passwords in order to protect individual and University information and resources. Adherence to this policy will help ensure that the University network and information systems are secure and available to all authorized users.
I. Executive Summary and Purpose
This document summarizes The University of North Carolina at Charlotte’s (the “Institution’s”) comprehensive written information security program (the “Program”) mandated by the Federal Trade Commission’s Safeguards Rule and the Gramm-Leach-Bliley Act (“GLBA”). In particular, this document describes the Program elements pursuant to which the Institution intends to:
This regulation provides requirements and guidance for all credit and debit card processing activities for UNC Charlotte.
At the initial publication of this regulation the following sources were consulted and provide the basis for this program: ISO 17799 and Visa CISP.
This regulation deals with access to the UNC Charlotte’s computing and network resources. All relevant provisions included in University Policy 303, 307, 311, are applicable and included by reference in this document. This regulation replaces and supersedes all other campus policies and procedures for all issues within the scope of this regulation.
This regulation applies to:
A. All academic and administrative units, organizations, affiliates, and employees of UNC Charlotte who accept credit/debit card payments for University business.
B. All external organizations contracted by the parties described in II. A., above, to provide outsourced services for Credit/Debit Card Processing for University business.
C. All academic and administrative units, organizations, affiliates, and employees of UNC Charlotte who provide Credit/Debit Card Processing services for third parties.