Skip to main content

IT Security

What we do

OIT Security is dedicated to the safeguarding of CU's systems and information through the enablement of secure design grounded in policy and procedure, operational review and response to changes in our IT environment, and training for a cyber-smart community. Our goal is to create and support a campus community where all members understand the important role they play, with all these services supporting the maintenance of our resilient, risk-conscious posture.

IT Security Compliance

CU is subject to a number of laws and regulations that mandate the appropriate protection and handling of information. We have subject matter expertise to help community members navigate how to work while balancing compliance requirements; some of the most common include:

  • GLBA: The FTC Safeguards Rule requires CU to ensure the security and confidentiality of certain nonpublic personal information (NPI) that is collected in relation to financial products or services available to community members. 
  • HIPAA: As a HIPAA hybrid entity, CU must follow the requirements to protect and secure Protected Health Information (PHI).
  • FERPA: This federal law affords parents and students the right to have access to the student’s education records, seek to have those records amended, and the right to control some disclosure of personally identifiable information from education records. 
  • FAR: This is a process that federal government contractors must adhere to in order to provide goods or services to federal agencies.
  • PCI: Departments that process payment cards have an obligation to protect cardholder information by following an established set of security standards.

Additional Resources