PURPOSE
Pacific University has adopted this Information Security Sanctions Policy to ensure the confidentiality, integrity, and availability of all Protected Data we create, receive, maintain, or transmit as required by federal or state regulatory requirements, and other regional or local applicable laws and requirements.
University colleges, schools, and departments should follow these procedures to comply with the Information Security Sanctions Policy, Policy Number POL-UIS4508.
PROCEDURE
University employees will contact the Chief Information Security Officer or Privacy Officer in an expeditious manner via either email or by phone whenever an employee is suspected of, or is known to have, violated any of the Pacific University policies and procedures.
Upon notification, the Chief Information Security Officer will consult with the Privacy Officer, the VP of Human Resources and/or any affected department head, as appropriate, to determine the facts regarding the reported incident.
Upon completion of an investigation, the Chief Information Security Officer will recommend an appropriate action/response to be taken by the affected departmental head or it’s designee. Such recommendations shall be approved by the department of Human Resources as appropriate.