OU has defined Category E – University Administrative and Financial Information as the default classification for all University Information, until otherwise classified.
The results of classifying your data and system will help guide and inform the selection of appropriate security controls (i.e. safeguards and countermeasures) to adequately protect those information systems.
Health Insurance Portability and Accountability Act of 1996
Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009
Children’s Online Privacy Protection Act (COPPA)
State of Oklahoma Policy, Standards, Procedures, and Guidelines (PSPG)
Payment Card Industry (PCI) Data Security Standards
Family Educational Rights and Privacy Act (FERPA)
Higher Education Act of 1965, Gramm-Leach-Bliley (GLBA) Act
Department of Defense Cybersecurity Maturity Model Certification
National Institute of Standards and Technology (NIST) Special Publication 800-171
Privacy Act of 1974, E-Government Act of 2002
Fair and Accurate Credit Transaction Act of 2003