Protecting personal information is a shared responsibility at GW. The university recognizes the importance of safeguarding personal information, in all formats throughout the data lifecycle, that is processed or shared with the university and with third parties on its behalf. As such, GW employs policies, notices and resources to promote compliance with requirements of privacy laws and regulations.
The Information Security Policy (PDF) is a key component of the information management strategy. It explains how to identify the information in custody of a specific office and how it must be secured. It highlights the following:
- the categorization of information assets (Regulated, Restricted, Public)...for help with categorizing information please reference these tips (PDF)
- the appropriate data security requirements for information per its categorization...please see our Guide to Information Management and Protection Policies (PDF)
- the roles and responsibilities of individuals, schools, divisions, and university administration in the custody and control of this information
The Information Security Policy Procedures (PDF) will help you with proper implementation of the policy.
The Records Management Policy (PDF) is a key component of the information management strategy. It explains GW's record retention requirements and includes the following:
- meeting operational and legal requirements in record retention
- proper disposal of outdated records in GW's record retention schedule (PDF)
- preservation of materials of long term historical or administrative value in the University Archives one page guidance (PDF)
The Record Management Policy Procedures (PDF) will help you with proper implementation of the policy.
Additional resources found on the IT Security site.
If you have questions about how to protect personal information or if you require training, please contact [email protected].