Friday, May 14, 2010

Re: Confidentiality

I cannot speak to most school environments but in other federal and
state regulate environments (healthcare, financial, legal companies
and organizations), technical staff with elevated privileges or access
to confidential data are typically required to sign non-disclosure
agreements (NDA's).

A well written NDA protects both the organization and staff members.
The trick is to have a well defined set of procedures for accessing
and disclosing information and security breaches.

For example, if someone has a legitimate need to access another
person's email, policies and procedures (including the NDA) would
outline who can authorize the access to the data. Typically, someone
outside of IT who has legal authority needs to authorize the access.
This protects the IT staff while also escalating the issue to senior
management.

TJ

On 5/14/10, Steve Van Dyk <svandyk@kcsa.org> wrote:
> Good Morning,
>
> Earlier this week I was approached by my Superintendent who wondered what
> protections or policies were in place to ensure privacy and confidentiality
> of e-mails, documents, etc. in regards to the Network Administrator. Do your
> Network Admins need to sign a code of ethics? Or is the general operating
> procedure to trust them to do their job and stay out of business that is not
> related to them? I think the Superintendent was trying to ensure protection
> for the Network Admin if any accusations were to come up.
>
> Any input would be appreciated. Thanks!
>
>
> Steve Van Dyk
> Technology Director
> Kalamazoo Christian School Association
> svandyk@kcsa.org
> [ For info on ISED-L see https://www.gds.org/podium/default.aspx?t=128874 ]
> Submissions to ISED-L are released under a creative commons, attribution,
> non-commercial, share-alike license.
> RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L
>

--
Sent from my mobile device

TJ Rainsford
E: tjrainsford@gmail.com

[ For info on ISED-L see https://www.gds.org/podium/default.aspx?t=128874 ]
Submissions to ISED-L are released under a creative commons, attribution, non-commercial, share-alike license.
RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L