Breach/Exposure Incident Protocol
In the case of a department breach or exposure the following university protocol is to be followed.
1. "Anyone with knowledge of a security breach of electronic records at Rutgers shall immediately notify the appropriate Data Authority , which is the individual or unit with disposition control over either electronic records or systems containing electronic records.
2. The Data Authority is then responsible for immediately notifying the university's Information Protection and Security ( IPS ) office or by calling 732/445-8011 for assistance.
3. If a breach has occurred, the Data Authority, in consultation with IPS , members of the Computer Incident Response Team, and other appropriate administrators, is responsible for notifying the affected individual(s) without undue delay. Furthermore, the Data Authority shall comply with the legitimate needs of law enforcement and any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the data system."
- Login to post comments