Are You Ready? A Planning Tool for Managing Sensitive Data Incidents

Universities have had to deal with many different types of incidents involving the exposure of sensitive and legally protected information. When an incident occurs, those involved usually have limited experience with such occurrences. They look for guidance to manage the appropriate response, including incident identification, assessment, eradication, recovery, notification, and follow-up. The EDUCAUSE HEISC Governance, Risk, and Compliance Working Group has developed a framework and checklist for universities, schools, and departments to easily come up to speed and manage such incidents effectively and efficiently. We'll walk through the resources available in the sensitive data exposure incident checklist.