PURPOSE
Pacific University has adopted this Data Integrity Policy Procedure to ensure the confidentiality, integrity, and availability of all Protected Data we create, receive, maintain, or transmit as required by federal or state regulatory requirements, including but not limited to FERPA, GLBA, HIPAA, PCI, and other regional or local applicable laws and requirements.
University colleges, schools, and departments should follow these procedures to comply with the Data Integrity Policy, Policy Number POL – UIS4505.
PROCEDURE
- UIS will backup Protected Data on university-hosted systems as needed to ensure reliable copies of the data are available.
- UIS will periodically perform system and application vulnerability assessments to ensure systems are not subject to man-in-the-middle attacks or other threats that may compromise the integrity of Protected Data.
- Pacific University will require all cloud vendor contracts to include reliable backup measures if Protected Data is present.
- Periodic user access entitlement reviews will demonstrate that users are not modifying data in an unauthorized manner.
- Encryption technology will be utilized as needed to support data integrity objectives.
- Users will be instructed to use their own login credentials to prevent unauthorized modification to data through the sharing of login credentials.