We understand that compliance is not always straightforward and easy to understand. The items under this tab are resources to assist you in navigating the compliance information that is relevant to you in order to help guide you towards compliance in your role within the UVA community.
Contracts: Data Protection Addendum
University Information Security (InfoSec) worked in partnership with Audit, University Procurement Services, Medical Center Procurement, University Counsel, and Health System Computing Services to develop a standard set of data security, privacy and audit terms and conditions for University contracts with firms that must create, obtain, transmit, use, maintain, process, or dispose of institutional data in order to fulfill their contractual obligations.
Data Protection and Purchasing
A brief FAQ that covers the data protection requirements that apply to purchasing.
Faxes and HSD
A brief FAQ that covers sending or receiving faxes containing highly sensitive data from a remove (i.e., off-Grounds) location
Information Security Risk Management Program
The University of Virginia is committed to preventing incidents that may impact the confidentiality, integrity, and availability of information resources.