|Skip to Main Content|
  1. PROSPECTIVE STUDENTS
  2. CURRENT STUDENTS
  3. FACULTY & STAFF
  4. ALUMNI
  5. COMMUNITY & FRIENDS
 
  1. CAMPUS LINKS
    1. Inside UNCG
    2. Admissions
    3. Academics
    4. Libraries
    5. Administration
    6. Research & Centers
    7. International Programs
    8. Continuing Education
      & Outreach
    9. Technology
    10. Arts & Entertainment
    11. Employment
    12. Corporate Resources
    13. Giving to UNCG

Information Technology Services

Home » Compliance » Role

Getting Help

About ITS

The University of North Carolina at Greensboro
Information Technology Services
Compliance Role

February 2005

Revised March 2007

  1. Introduction

    The University of North Carolina at Greensboro (UNCG) is committed to the highest standards of ethics and compliance with all applicable laws, rules, and regulations. At UNCG, responsibility for compliance is distributed across divisions and units by function and area. Responsibility for compliance ultimately rests with each employee. Information Technology Services (ITS) is committed to providing assistance, where appropriate, in maintaining compliance. The purpose of this document is to define ITS's role in the compliance process.

  2. Compliance Areas
    ITS has a direct role in managing compliance with federal and state laws, rules, and regulations relating to networked data. Networked data is defined as any data residing on servers attached to or data transmitted over the university network. ITS's role in compliance varies from providing assistance in the compliance area to direct responsibility for compliance. Compliance areas that ITS may have a role in include:
    • HIPAA (Health Insurance Portability and Accountability Act) Security
    • DMCA (Digital Millennium Copyright Act)
    • FERPA (Family Educational Rights and Privacy Act)
    • GLB (Financial Services Modernization (Graham-Leach-Bliley) Act)
    • ADA (Americans with Disabilities Act) Web Accessibility
    • USA Patriot Act
    • Electronic Communications Privacy Act
    • Federal Rules of Civil Procedures
    • North Carolina Public Records Act
    • North Carolina State Personnel Act
    • Protection of Children from Sexual Predators Act of 1998 (Sexual Predators Act)
    • North Carolina Identity Theft Protection Act of 2005
    • Payment Card Industry (PCI) Compliance

    ITS also has a direct role in enforcement of network security and other university policies. See the following on the ITS Web site, for details:
    • Acceptable Use of Computing and Electronic Resources Policy
    • Copyright Compliance for Users of UNCG Technology Resources Policy
    • Data Classification Policy
    • Electronic Records Retention Policy
    • Legal Hold Policy and Procedures
    • Security of Networks and Networked Data Policy
    • Wireless Communications Policy

  3. ITS Role

    ITS has a direct role in DMCA, HIPAA security, and the North Carolina Public Records Act compliance. ITS has a supporting role in the other compliance areas.

    If a subpoena or search warrant is received, ITS will immediately contact University Counsel and follow their guidance. Unless the subpoena provides that no notice be given, ITS will make a reasonable effort to notify the individual that a legal order has been received, and ITS will comply with it.

    The Associate Vice Chancellor (AVC) for Data Services is the UNCG DMCA Compliance Agent and has responsibility for ensuring compliance with the DMCA. When notified by a copyright holder of an alleged infringement of the DMCA, ITS will follow the legal requirements of DMCA and established university procedures to block or remove access to the alleged copyright infringing materials.

    The AVC for Data Services is the University HIPAA Security Officer. The HIPAA Security Officer will coordinate with the designated security agents for the covered entities concerning compliance with HIPAA security. ITS will provide assistance to the covered entities in identifying security weaknesses and implementing corrective action.

    The AVC for Data Services is the UNCG Electronic Records Officer for the North Carolina Public Records Act. The Public Records Act requires that an inventory of electronic databases be maintained and that indexes of the databases be created. The Electronic Records Officer will coordinate the creation and maintenance of the required inventory and indexes.

    After notice of non-compliance from a divisional Web Accessibility Representative, ITS will block access to Web pages on UNCG servers.

    ITS will cooperate with the FERPA and GLB compliance agents as requested to address compliance issues.

    The Sexual Predators Act requires that an "electronic communication service" notify the National Center for Missing and Exploited Children (NCMEC) upon learning that child pornography exists on any of its servers. As an electronic communication service, UNCG will comply with the law. ITS will notify the UNCG Police, who will notify NCMEC as appropriate, upon learning of the existence of any child pornography on any UNCG servers or workstations.

 
Information Technology Services
The University of North Carolina at Greensboro
Greensboro, NC 27402-6170
Technical Support 336.256.TECH (8324)