Search27 Results

This standard is intended to represent a minimum baseline for managing vulnerabilities on any UNC-Chapel Hill system required by the UNC-Chapel Hill Information Security Controls Standard to be scanned for vulnerabilities.
The Onyen (originally, the "Only Name You'll Ever Need") is a campus-wide identifier used to gain access to various electronic resources. The Onyen provides each University user with secure access and ensures proper authentication when used in accordance with this policy.
The University of North Carolina at Chapel Hill (The "University" or "UNC-Chapel Hill") has a responsibility to protect the privacy and security of protected health information ("PHI") that it creates, receives, accesses, maintains, uses or transmits. Inappropriate access, use, or disclosure of PHI may cause substantial harm to individuals whose information is used or disclosed, and may cause financial and reputational injury to the University.
The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 ("HIPAA") established Federal standards for safeguarding the privacy of individually identifiable health information. HIPAA mandates rigorous compliance with the requirements for the use and/or disclosure of protected health information ("PHI").
This Standard provides requirements for the procurement of accessible Digital Content, Resources, and Technology (“Digital Material”). Implementing this standard will ensure that all individuals have access to Digital Material purchased by or on behalf of the University in compliance with the Policy on Digital Accessibility and with governing law.
This Standard sets out the minimum requirements for creating accessible Digital Content, Resources, and Technology (“Digital Material”) to advance the University’s commitment to providing equitable access in compliance with the University Policy on Digital Accessibility. Accessibility is a shared responsibility among those who maintain University Digital Material.
The University is committed to establishing a welcoming and equitable digital experience. This policy provides direction on creating an accessible experience that enhances usability for everyone. Implementing this policy will ensure that all individuals have access to Digital Content, Resources, and Technology (“Digital Material”) provided by or on behalf of the University.
The University has obligations to ensure integrity and accessibility of records, and security of sensitive University information that may be sent or received via email. This policy advises individuals of their obligations to use only their University email account and not personal email accounts for University business and to manage the records resulting from that use in accordance with applicable policy, standards, and procedures.
The Wireless Standard provides a structure for managing the shared resource of wireless communications spectrum on the UNC-Chapel Hill campus. The UNC-Chapel Hill technology infrastructure is provided to support University operations and its mission of education, service, and research.
Requirements for all data network activities at the University. Central coordination of data networks supports the University mission of education, service, and research. It is the responsibility of ITS to coordinate, monitor, and manage University network traffic and activities. Compliance with this policy and related Standard helps our campus facilities adhere to FCC and other regulatory requirements, not disrupt statewide or larger networks, and provide robust and reliable services..
This standard provides structure for effective operation of data networks for the University in accordance with the UNC-Chapel Hill Data Network Policy. This document represents minimum requirements related to all forms of data networking at the University.
To provide guidance for individuals and units on responsibilities for managing suppliers of Information Technology (IT) services, software, and systems. To manage risk to university information and other assets by creating clearer communication and understanding between vendors and University staff. To define required security controls monitoring activities.
This standard defines the minimum security controls for Information Technology systems in use at UNC-Chapel Hill including personal and University-owned devices. Units within the University may apply stricter controls to protect information and systems in their areas of responsibility. The standard applies to each UNC-Chapel Hill Constituent, student, employee, or other for any covered system under their control.
This policy defines the framework upon which the University information security program operates and gives direction for Information Security-related Policies, Standards, and Procedures to address specific areas of operation.
Protected Health Information (PHI) and Sensitive Information (SI) that is transmitted or received on behalf of the University of North Carolina at Chapel Hill by any Constituent must be encrypted in accordance with this Standard, which details required minimum encryption standards for University Tier 2 and Tier 3 information. Particular transmissions may require a heightened encryption requirement or consideration of additional legal or policy requirements.