Forwarded on to MSU-NAG list at the request of David Gift. John A. Resotko Head of Systems Administration Michigan State University College of Law email: [log in to unmask] Phone: 517-432-6836 Current Chairperson of the MSU Network Communications Committee >>> "David A Gift" <[log in to unmask]> 9/27/2006 3:49 PM >>> To: Deans, Directors, Chairpersons From: David Gift, Vice Provost, Libraries, Computing and Technology Subject: Update regarding Guidelines for Internal and External Reporting of Data System Security Breaches This note is to make you aware that we have updated the contact information in the Guidelines for Internal and External Reporting of Data System Security Breaches, posted on the Web at: http://lct.msu.edu/documents/security-breach-guidelines.pdf Reportable security incidents should be reported to the Academic Computing and Network Services Helpdesk, 432-6200; please follow the recorded instructions for reporting a “security incident”. This point of contact will help us to alert the appropriate network security staff at any time. Prompt internal reporting of security incidents is critical to the University’s ability to protect confidential and proprietary data and to be compliant with a wide range of data and privacy protection regulations and contractual obligations. The Guidelines provide information regarding what constitutes an internally reportable data system security breach incident, definitions of confidential and proprietary data, breach reporting procedures and responsibilities, and procedures the University will follow to determine if external notice of a breach is necessary, and how external notification will be done. Please share this information with your data systems and network administrators. Thank you.