Data-Incident Notification Policies and Procedures

Monday, April 10 | 2:00PM–5:30PM | Denver Ballroom 1/2
Session Type: Professional Development
Information security policies and procedures increasingly must respond to legal requirements in the area of notification in the event of a breach of personally identifiable information. This session will also explore technical issues related to meeting legal standards such as "reasonable belief that data has been acquired by an unauthorized user." Members of a panel will also describe their actual responses to incidents at their institutions.


  • Mary Ann Blair

    Chief Information Security Officer, Carnegie Mellon University
  • Tracy Mitrano

  • Steve Schuster

    Associate CIO, Cornell University

Resources & Downloads