SMA Art Cart: This American Land
Jul. 27, 12:00 pm
Hilltop Closed
Jul. 28, All day
New Employee Orientation
Jul. 28, 08:00 am
Hilltop Closed
Jul. 29, All day
Lunchtime Mindfulness
Jul. 29, 12:30 pm

Hilltop Closed
Jul. 28, All day
Hilltop Closed
Jul. 29, All day
Fall New Student Orientation & Enrollment
Jul. 29, 06:00 pm
Hilltop Closed
Jul. 30, All day
Hilltop Closed
Jul. 31, All day

  • Home
  • KUMC Computer Security Incident Response

KUMC Computer Security Incident Response

Policy
Purpose: 

Principle
The University of Kansas Medical Center provides computing, networking, and information resources to its students, faculty, and staff, in support of the University's mission of teaching, research and public service. The prompt and consistent reporting of and response to computer security incidents protects and preserves the confidentiality, integrity and availability of these resources and contributes to the University's compliance with applicable laws and regulations.

Purpose
The purpose of this policy is to define the responsibilities of KUMC staff when reacting and\or responding to the various types of network and information security incidents that may occur. This policy is required by the State of Kansas and federal guidelines including the Health Information Portability and Accountability Act of 1996 (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and the Family Educational Rights and Privacy Act (FERPA).

Responsibilities

  1. All KUMC personnel and affiliates (including vendors) are required to promptly report all suspected incidents to Information Security.
  2. The Chief Information Officer is granted authority to take actions necessary to protect KUMC computing resources, data and communications in the event of a security incident.
  3. The Director of Information Security (or a designee in his\her absence) will be the central point of contact and coordinating authority for all security incidents.
  4. The Director of Information Security is responsible for establishing a Computer Security Incident Response Team (CSIRT) for the purpose of responding to security incidents.
  5. The Director of Information Security is responsible for establishing an incident classification matrix and developing the appropriate procedures necessary to respond to each level of classification (referred to as the "Computer Security Incident Response Plan").
  6. The Director of Information Security is granted authority to declare an incident and to execute the incident response plan.
  7. The Chief Information Officer is responsible for notification of incidents to the Kansas Board of Regents President and CEO and the Kansas Board of Regents Chief Information Officer within 24 hours of a major security incident.
  8. All communications with the media regarding a security incident must be coordinated through the University Relations department.
Applies to: 

Resources Covered by This Policy
All electronic devices owned by the University or connected to the University network including, but not limited to, computer workstations and servers, network switches and routers, specialized medical devices, etc.

Individuals and Groups Covered By This Policy
All KUMC faculty, staff, and students; employees of the University of Kansas Physicians, Inc., as well as vendors, contractors or any others who have access to the KUMC network or systems.

Campus: 
Medical Center, Kansas City
Wichita
Salina
Policy Statement: 
  1. All suspected incidents must be reported to Information Security at (913) 588-3333 or via the Information Security website as soon as possible and not later than 24 hours from the time the incident is identified.
  2. The Director of Information Security will report any incident involving the potential loss or disclosure of sensitive information to the Chief Information Officer (or, in case of the CIO's absence, the Vice Chancellor for Administration) immediately.
  3. All CSIRT activities will adhere to the established Computer Security Incident Response Plan.
Exclusions or Special Circumstances: 

This policy applies to everyone at all campuses and sites of the University of Kansas Medical Center. There are no exemptions.

Consequences: 

Suspected or known violations of this policy will be reported to the appropriate University officials, and may result in:

  • Loss of the department or business unit's ability to accept credit cards as a form of payment.
  • Fines of up to $500,000 per incident (as imposed by the PCI Council).
  • Accountability for conduct under any applicable University or campus policies, procedures, or collective bargaining agreements, including disciplinary action.
  • Prosecution under applicable statues.

Suspected or known violations of University regulations and/or State and Federal law will be processed by the appropriate University authorities and/or law enforcement agencies.

Contact: 

For information on this policy, please contact:

Eric Walters
Director of Information Security
Department of Information Resources
University of Kansas Medical Center
1020 Taylor, 3901 Rainbow Blvd
Kansas City, Kansas 66160
(913) 588-0966

Michael Harmelink
Associate Vice Chancellor for Information Resources
Chief Information Officer
University of Kansas Medical Center
1018 Taylor, 3901 Rainbow Blvd
Kansas City, Kansas 66160
(913) 588-4900

 

 

 

Approved by: 
Chief Information Officer, KUMC
Approved on: 
Friday, May 1, 2009
Effective on: 
Friday, May 1, 2009
Review Cycle: 
Annual (As Needed)
Definitions: 

Cardholder: The customer to whom a credit card or debit card has been issued or the individual authorized to use the card.

Security Incident: The attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or the computer system(s) which contain the information. Examples of a security incident include, but are not limited to:

  • non-compliance with KUMC security policies
  • unauthorized use of an electronic system owned or operated by KUMC
  • disclosure of University data to someone not authorized to access it
  • use of University computing resources to violate local, state or federal law
  • loss or theft of a University-owned computing device.

Incident Response: An organized approach to addressing and managing the aftermath of a security breach or attack.

Keywords: 
incident, response, csirt
Review, Approval & Change History: 

2014-07-17:  Updated contact information.

2014-02-28: Reviewed and moved into KU Policy Library.

2013-04-19: Reviewed with no changes.

2012-04-27: Reviewed with no changes.

2011-03-13: Reviewed with no changes.

Information Access & Technology Categories: 
Privacy & Security

Policy Library Search
Can't Find What You're Looking For?
One of 34 U.S. public institutions in the prestigious Association of American Universities
26 prestigious Rhodes Scholars — more than all other Kansas colleges combined
Nearly $290 million in financial aid annually
1 of 9 public universities with outstanding study abroad programs.
—U.S. News & World Report
46 nationally ranked graduate programs.
—U.S. News & World Report
Top 50 nationwide for size of library collection.
—ALA
$260.5 million in externally funded research expenditures
23rd nationwide for service to veterans —"Best for Vets," Military Times