105
edits
m (Updated broken links) |
m (Updated broken links) |
||
Line 63: | Line 63: | ||
*The Information Security team shall be available to assist in identifying alternatives to the use of the Social Security Number. Alternatives which should be considered, include but are not limited to: | *The Information Security team shall be available to assist in identifying alternatives to the use of the Social Security Number. Alternatives which should be considered, include but are not limited to: | ||
:*Personnel (SAP) Number | :*Personnel (SAP) Number | ||
*In the event that the Social Security Number of an employee must be maintained, a form, [ | *In the event that the Social Security Number of an employee must be maintained, a form, [https://support.security.unmc.edu/exceptions/ssn Request to Use Social Security Number], must be completed and submitted to the Information Security Office who will facilitate approval of the Assistant Vice Chancellor for Human Resources for approval. In cases where the employee Social Security Number must be stored in a database, the database must comply with [https://info.unmc.edu/its-security/policies/procedures/database-security.html ITS Database Security Procedures]. | ||
===Research Information === | ===Research Information === | ||
*The Social Security Number of a research subject is considered confidential information and should not be used to identify a research subject unless legally mandated. | *The Social Security Number of a research subject is considered confidential information and should not be used to identify a research subject unless legally mandated. | ||
*ITS shall be available to assist in identifying alternatives to use of Social Security Number. | *ITS shall be available to assist in identifying alternatives to use of Social Security Number. | ||
*In the event that the Social Security Number of a research subject must be maintained, a form, [ | *In the event that the Social Security Number of a research subject must be maintained, a form, [https://support.security.unmc.edu/exceptions/ssn Request to Use Social Security Number], must be completed and submitted the Information Security Office which will facilitate approval from the Institutional Review Board. In cases where the research subject Social Security Number must be stored in a database, the database use must comply with [https://info.unmc.edu/its-security/policies/procedures/database-security.html ITS Database Security Procedures]. | ||
===Other=== | ===Other=== | ||
*The Social Security Number of someone in a category not previously defined is considered confidential information and should not be used to identify an individual unless legally mandated. | *The Social Security Number of someone in a category not previously defined is considered confidential information and should not be used to identify an individual unless legally mandated. | ||
*The information Security team shall be available to assist in identifying alternatives to use of Social Security Number. | *The information Security team shall be available to assist in identifying alternatives to use of Social Security Number. | ||
*In the event that the Social Security Number must be maintained, a form, [ | *In the event that the Social Security Number must be maintained, a form, [https://support.security.unmc.edu/exceptions/ssn Request to Use Social Security Number], must be completed and submitted to the Information Security Office which will facilitate approval from the Senior Associate Vice Chancellor for Business and Finance for approval. In cases where the Social Security Number must be stored in a database, the database use must comply with [https://info.unmc.edu/its-security/policies/procedures/database-security.html ITS Database Security Procedures]. | ||
===Approval/Disapproval Process=== | ===Approval/Disapproval Process=== | ||
The Information Security Office will notify unit management and the requestor of the decision to approve/disapprove the request. | The Information Security Office will notify unit management and the requestor of the decision to approve/disapprove the request. | ||
Line 93: | Line 93: | ||
*UNMC Policy No. 6073, [[Transporting Protected Health Information]] | *UNMC Policy No. 6073, [[Transporting Protected Health Information]] | ||
*UNMC Policy No. 1098, [http://wiki.unmc.edu/index.php?title=Corrective/Disciplinary_Action Corrective and Disciplinary Action] | *UNMC Policy No. 1098, [http://wiki.unmc.edu/index.php?title=Corrective/Disciplinary_Action Corrective and Disciplinary Action] | ||
*[ | *[https://support.security.unmc.edu/exceptions/ssn Request to Use Social Security Number] Form | ||
*[https://info.unmc.edu/its-security/policies/procedures/database-security.html ITS Database Security Procedures] | *[https://info.unmc.edu/its-security/policies/procedures/database-security.html ITS Database Security Procedures] | ||
*[https://info.unmc.edu/its-security/policies/plan.html Information Security Plan] | *[https://info.unmc.edu/its-security/policies/plan.html Information Security Plan] |
edits