DMCA
The Digital Millennium Copyright Act of 1998 (DMCA) is a legal framework to protect the rights and management of digital works.
FERPA, GLBA & HIPAA
Federal laws that require the confidentiality of information include:
- The Family Educational Rights and Privacy Act (FERPA) which protects the educational records of all students.
- The Gramm Leach Bliley Act (GLBA) which requires financial institutions to protect the security and confidentiality of user information.
- The Health Insurance Portability and Accountability Act (HIPAA) which requires the protection and confidential handling of protected health information.
PCI
Payment Card Industry (PCI) compliance on the Texas A&M University campus is ultimately the responsibility of the organization that has elected to accept credit cards for payment. The Texas A&M Division of Finance Financial Management Operations Group facilitates the capacity for departments/organizations to accept credit cards.
As part of PCI compliance, Texas A&M Division of Information Technology provides the approval process of network architectures and prepares the firewalls for the PCI environments. Vulnerability scans can also be run against PCI systems to check for potential weaknesses.
Any questions concerning PCI compliance can be directed to security@tamu.edu.
PCI Resources:
Texas Administrative Code
Texas A&M, as a State University, is required to comply with Texas Administrative Code, Title 1, Chapter 202 (TAC 202). TAC 202 assigns the ultimate responsibility for the security of information resources to the President of the University.
Responsibility to administer the information security requirements of TAC 202 institution-wide is granted to the university’s Chief Information Security Officer (CISO). The head or director of a unit is responsible for ensuring that compliance with TAC 202 is maintained for any information resources owned and operated by the unit.
Annual Risk Assessment
Control Catalog
More Information
More information and specific procedures are described in Texas A&M University SAP 29.01.03.M0.01 - Security of Electronic Information Resources.