B.2.10 Security for Administration and Technology

B.2.10 Security for Administration and Technology

Responsible Department:Office of Security for Administration and Technology (OSAT)

Date Approved/Amended: September 8, 2011



Houston Community College (HCC) recognizes that its sensitive personal information, information resources and the associated processes, systems and networks are valuable assets and that their effective management has important implications not only for HCC, but for its clients, as well. It is the policy of HCC to protect the security and privacy of its sensitive personal information, information resources, and to make information accessible as required by law. HCC shall maintain the confidentiality, integrity and availability of sensitive personal information and information resources by complying with applicable federal and state laws, policies, and procedures. The Chancellor shall establish procedures and regulations for the security of sensitive personal information (including students, faculty and staff) and information resources.

Purpose
HCC’s sensitive personal information and information resources are vital academic and administrative assets which require appropriate safeguards. Computer systems, networks, and data are vulnerable to a variety of threats. These threats have the potential to compromise the integrity, availability, and confidentiality of the information used by the college to conduct its day-to-day business.

Effective security management programs must be employed to eliminate or mitigate the risks posed by potential threats to HCC's sensitive personal information and information resources. Measures must be taken to protect these resources against unauthorized access, disclosure, modification or destruction whether accidental or deliberate.

Responsibilities
Chancellor has designated the Office of Security for Administration and Technology (OSAT) to be responsible for enforcing this policy.

Sanctions for Violations/Enforcement
Compliance with this policy and applicable procedures shall be strictly enforced. Violations may result in disciplinary action, up to and including termination.

The Chancellor may appoint a committee to investigate and address violation of this policy or related procedures, guidelines, or user agreements.