Saint Louis University information security policies are in place for many important reasons.
Good information security protects valuable resources, supports good business practices and meets our ethical obligations to students, patients, and employees. It's also the law.
A number of federal and state laws address information security. From the Federal Information Security Management Act to the Digital Millennium Copyright Act to the Missouri Breach Notification Law, individuals and organizations must comply with an array of legal requirements.
Penalties for violating these laws can be severe. Recently, an employee of a Pittsburgh medical center was charged with accessing and disclosing patient data without authorization.
The employee was charged with 14 counts related to violations of the Health Insurance Portability and Accountability Act (HIPAA) and the Social Security Act. If convicted, the employee could face a maximum of 80 years in prison and close to $5 million in fines.
Information security policies and controls help SLU meet these ever-changing legal requirements. Review the current SLU information security policies.