Compliance with External Requirements
The S&C ISRA team helps campus stakeholders comply with the following external information security requirements:
- Family Educational Rights and Privacy Act (FERPA)
- Health Insurance Portability and Accountability Act (HIPAA) security rule agent
- Higher Education Opportunity Act (HEOA) — copyright provisions and Digital Millennium Copyright Act (DMCA) university agent
- Gramm-Leach-Bliley Act (GLBA)
- FTC Red Flag Rule
- PCI Data Security Standard (PCI DSS)
- North Carolina Identity Theft Protection Act of 2005
- North Carolina Public Records Act
- State Personnel Act
Security Frameworks
The S&C ISRA team helps campus stakeholders apply the following information security frameworks to their environments:
- Data Sensitivity
- UNC System Security Crosswalk
- NC State University IT System Standards manual
- ISO 2700x series — “Information Technology – Security Techniques – Code of Practice for Information Security Management”
- NIST 800-53 FIPS-PUB Recommended Security Controls for Federal Information Systems and Organizations
- Security & Compliance Governance — Policy