Despite explicit guidelines for securing confidential electronic data, breaches and other types of cybersecurity incidents can still occur. At such times, it is important that the college respond as quickly and as professionally as possible.
Much of the data stored or transmitted via Lake Land College’s computing equipment is confidential. Unauthorized access to such data may constitute a violation of federal statutes such as the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA), and other laws designed to protect privacy. A breach in data security that compromises personal information can lead to identity theft, putting members of the Lake Land College community at risk and exposing the college to litigation. Unauthorized access to other confidential data, though not usable for identity theft, may nonetheless have serious legal, financial, or reputational implications for the college.
The responsibility of protecting confidential electronic data is shared by all members of the Lake Land College community. In general, confidential data should not be accessed, copied, stored, downloaded, transmitted, or used unless it is essential to do so to conduct college business.
Confidential data should not be stored on laptops or other mobile devices and should be encrypted at all times when not actually in use. Mobile devices should also be physically protected by placing them in locked cabinets when not in use, by not putting them into checked luggage when traveling, and by any other available means.