In seeking to balance and protect the confidentiality, integrity, and availability of data, BYU-Idaho is constantly seeking to improve its information security and privacy. Information security involves prevention against and management of unauthorized access, acquisition, and use of any nonpublic data; in contrast, information privacy concerns the appropriate collection and use of personal data and focuses on individual rights. Numerous laws and standards govern the security and privacy of data collected, protected, and used by the university such as student data, financial data, health data, and research data.
People
University Chief Information Officer
University Registrar, FERPA Compliance Coordinator
Student Health Services Director, HIPAA Privacy and Security Officer
Records Retention, Special Collections/University Archivist Librarian
PCI Compliance
IT Risk Management Committee
University Registrar, FERPA Compliance Coordinator
Student Health Services Director, HIPAA Privacy and Security Officer
Records Retention, Special Collections/University Archivist Librarian
PCI Compliance
IT Risk Management Committee
Requirements
Children's Online Privacy Protection Act (COPPA)
Computer Fraud and Abuse Act (CFAA)
Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM)
Electronic Communications Privacy Act (ECPA)
EU General Data Protection Regulation (GDPR)
Family Educational Rights and Privacy ACT (FERPA)
Health Insurance Portability and Accountability Act (HIPAA)
Federal Acquisition Regulations (FARs)
Federal Information Security Management Act (FISMA)
Freedom of Information Act (FOIA)
Gramm-Leach-Bliley Act (GLBA)
Health Information Technology for Economic and Clinical Health (HITECH) Act
Homeland Security Act of 2002
National Institute of Standards and Technology (NIST) Special Publication 800-171
Computer Fraud and Abuse Act (CFAA)
Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM)
Electronic Communications Privacy Act (ECPA)
EU General Data Protection Regulation (GDPR)
Family Educational Rights and Privacy ACT (FERPA)
Health Insurance Portability and Accountability Act (HIPAA)
Federal Acquisition Regulations (FARs)
Federal Information Security Management Act (FISMA)
Freedom of Information Act (FOIA)
Gramm-Leach-Bliley Act (GLBA)
Health Information Technology for Economic and Clinical Health (HITECH) Act
Homeland Security Act of 2002
National Institute of Standards and Technology (NIST) Special Publication 800-171