Search36 Results

This standard defines the minimum security controls for Information Technology systems in use at UNC-Chapel Hill including personal and University-owned devices. Units within the University may apply stricter controls to protect information and systems in their areas of responsibility. The standard applies to each UNC-Chapel Hill Constituent, student, employee, or other for any covered system under their control.

This Policy prohibits (i) all forms of Discrimination and Harassment based on Protected Status; (ii) Sexual Violence and Sexual Exploitation, (iii) Stalking and Interpersonal Violence, which need not be based on an individual’s Protected Status; (iv) Complicity for knowingly assisting in an act that violates this Policy; and (iv) Retaliation against an individual because of their good faith participation in the reporting, investigation, or adjudication of violations of this Policy.

To provide guidance for individuals and units on responsibilities for managing suppliers of Information Technology (IT) services, software, and systems. To manage risk to university information and other assets by creating clearer communication and understanding between vendors and University staff. To define required security controls monitoring activities.

To describe minimum requirements for members of the University of North Carolina at Chapel Hill ("University" or "UNC-Chapel Hill") experiencing a concern that might indicate a Possible Information Security Incident. To specify Information Security Incident authority and role requirements for Information Security Incident Handlers and Information Security Liaisons.

Failure to protect information through the use of strong passwords/pass-phrases and additional authentication methods may result in incidents that expose sensitive information and/or impact mission-critical UNC-Chapel Hill services. This Standard outlines minimum requirements for authentication mechanisms for information systems under the University's control and password strength and other requirements for accounts on University systems and accounts that use University data.

This standard is intended to represent a minimum baseline for managing vulnerabilities on any UNC-Chapel Hill system required by the UNC-Chapel Hill Information Security Controls Standard to be scanned for vulnerabilities.

Protected Health Information (PHI) and Sensitive Information (SI) that is transmitted or received on behalf of the University of North Carolina at Chapel Hill by any Constituent must be encrypted in accordance with this Standard, which details required minimum encryption standards for University Tier 2 and Tier 3 information. Particular transmissions may require a heightened encryption requirement or consideration of additional legal or policy requirements.

The UNC Adams School of Dentistry has a legal and ethical responsibility to safeguard patient information. This responsibility includes ensuring that devices storing Protected Health Information ("PHI") or other Sensitive Information are properly encrypted and are serviced by an appropriate vendor. The purpose of this Policy is to ensure that all Computing Devices used by employees will meet institutional security requirements.

The UNC Adams School of Dentistry has a legal and ethical responsibility to safeguard patient information. This responsibility includes ensuring that devices storing Protected Health Information ("PHI") or other Sensitive Information ("SI") are properly encrypted and are serviced by an appropriate vendor. The purpose of this Policy is to ensure that all Smartphones used by personnel will meet institutional security requirements.

This Procedure provides the requirements and guidelines for the University of North Carolina at Chapel Hill ("University") School of Medicine's (SOM) dissemination of competencies and enabling competencies in accordance with the phases of the curriculum. By implementing specific dissemination paths during each phase, the SOM can ensure that all students, faculty, preceptors, residents and fellows receive and are informed about the school competencies, enabling competencies and learning objective

This Policy outlines the requirements for the establishment of an evaluation cycle for the review of the School of Medicine’s student competencies and enabling competencies based on the School of Medicine’s curriculum and education phases.

The University of North Carolina at Chapel Hill is committed to promoting a safe and healthy campus environment that is free from violence. This procedure sets forth steps for reporting, responding, and resolving reports of Workplace Violence.

The University has obligations to ensure integrity and accessibility of records, and security of sensitive University information that may be sent or received via email. This policy advises individuals of their obligations to use only their University email account and not personal email accounts for University business and to manage the records resulting from that use in accordance with applicable policy, standards, and procedures.

This policy describes the terms required for use of ConnectCarolina, InfoPorte, associated reporting tools, and other University business applications (“Administrative Systems”).

Requirements for all data network activities at the University. Central coordination of data networks supports the University mission of education, service, and research. It is the responsibility of ITS to coordinate, monitor, and manage University network traffic and activities. Compliance with this policy and related Standard helps our campus facilities adhere to FCC and other regulatory requirements, not disrupt statewide or larger networks, and provide robust and reliable services..