Search300 Results

This document describes who at the University of North Carolina at Chapel Hill appoints Information Security Liaisons and what those Information Security Liaisons do.

The University of North Carolina at Chapel Hill (UNC-Chapel Hill) has established standards and safeguards to protect patient’s information and to ensure compliance with federal and state information security regulations.

The Information Classification Standard gives a structure for the University's information. This structure helps us recognize the types of University Information we handle. It makes it easier to keep the information safe. This Standard considers the University's academic culture, which values sharing information. Classifying information the right way gives everyone at the University, at every level, a structure that supports their University activities.

To describe minimum requirements for members of the University of North Carolina at Chapel Hill ("University" or "UNC-Chapel Hill") experiencing a concern that might indicate a Possible Information Security Incident. To specify Information Security Incident authority and role requirements for Information Security Incident Handlers and Information Security Liaisons.

This Standard provides a structure for the classification and handling of information developed under and in support of the University's Emergency Management Policy. This Standard is intended to apply specific and stringent handling and information control procedures and practices for Emergency Management Information, aligned with the University’s Information Classification Standard.

Some research designs may require the withholding of information from human subjects. Research involving deception or withholding of information must be reviewed by the IRB with common sense and sensitivity. The withholding of information by researchers is different from the practice of deception, in which researchers provide false or misleading information to subjects.

All members of the University community who engage with any University information technology (including wireless or other networks) must adhere to this Acceptable Use Policy.

Policy that outlines Adams School of Dentistry workforce members with creating, storing, transmitting, accessing, or using any patient information in support of clinical or research purposes.

This SOP provides examples and procedures for the reporting of Promptly Reportable Information (PRI) to the University of North Carolina at Chapel Hill's Institutional Review Board.

Resources for information, consultation, and advice on biohazard control, decontamination procedures, and other aspects of laboratory and animal safety management

To guide University Constituents in preserving the integrity, confidentiality, and availability of University information and information systems. Access controls are intended to minimize inappropriate exposure of University information by limiting system access to authorized individuals.

Protected Health Information (PHI) and Sensitive Information (SI) that is transmitted or received on behalf of the University of North Carolina at Chapel Hill by any Constituent must be encrypted in accordance with this Standard, which details required minimum encryption standards for University Tier 2 and Tier 3 information. Particular transmissions may require a heightened encryption requirement or consideration of additional legal or policy requirements.

List of items regarding each individual's University employment are considered public information and will be released upon request. Any additional information regarding employees not specifically identified is considered confidential under State law unless otherwise explicitly authorized by the Human Resources Act. The Human Resources Act requires that University employees who are in or come into possession of such confidential personnel information maintain its confidentiality.

The privacy and confidentiality of personal information, including personal health information is addressed in a variety of state and federal regulations and University of North Carolina at Chapel Hill ("UNC-Chapel Hill") policies. This policy addresses the specific privacy obligations required by the Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 ("HIPAA").

The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 ("HIPAA") established Federal standards for safeguarding the privacy of individually identifiable health information. HIPAA mandates rigorous compliance with the requirements for the use and/or disclosure of protected health information ("PHI").