Search Information Security site

 

Compliance

While the word "compliance" can take on a few different meanings depending on its use, what we mean by it is, "doing what is expected of you, in your role, by policy and law".  For example, consider the Digital Millenium Copyright Act (DMCA).  To be DMCA-compliant as an internet user, you must not infringe on lawful copyrights by illegaly downloading or sharing protected material, or by interfering with the protective controls over that material.  Not infringing on protected material is what is expected of you in your role as an internet user.

That being said, we understand that compliance is not always straightforward and easy to understand.  The items under this tab are resources to assist you in navigating compliance information that is relevant to you and help guide you toward compliance in your role within the UVA community.

Contracts: Data Protection Addendum

University Information Security (InfoSec) worked in partnership with Audit, University Procurement Services, Medical Center Procurement, Universityl Counsel, and Health System Computing Services to develop a standard set of data security, privacy and audit terms and conditions for University contracts with firms that must create, obtain, transmit, use, maintain, process, or dispose of institutional data in order to fulfill their contractual obligations.

DMCA

Resources for the UVA community to better understand the DIgital Millennium Copyright Act (DMCA) and how the University responds to alleged instances of illegal sharing that are detected on its network.

Information Security Risk Management Program

The University of Virginia is committed to preventing incidents that may impact the confidentiality, integrity, and availability of information resources.

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form