Louisiana State University and A&M College

  1. Home
  2. COMPLIANCE CERTIFICATION
  3. PART 1. Signatures Attesting to Compliance
  4. PART 2. List of Substantive Changes Approved Since the Last Reaffirmation
  5. PART 3. Institutional Assessment of Compliance
    1. Section 2: Core Requirements
      1. 2.1 Degree-granting Authority
      2. 2.2 Governing Board
      3. 2.3 Chief Executive Officer
      4. 2.4 Institutional Mission
      5. 2.5 Institutional Effectiveness
        1. 2.5 Institutional Effectiveness (Continued)
      6. 2.6 Continuous Operation
      7. 2.7.1 Program Length
        1. 2.7.1 Program Length (Continued)
      8. 2.7.2 Program Content
      9. 2.7.3 General Education
      10. 2.7.4 Course work for Degrees
      11. 2.8 Faculty
      12. 2.9 Learning Resources and Services
      13. 2.10 Student Support Services
        1. 2.10 Student Support Services (Continued)
      14. 2.11.1 Financial Resources
      15. 2.11.2 Physical Resources
    2. Section 3: Comprehensive Standards
      1. 3.1.1 Mission
      2. 3.2.1 CEO evaluation/selection
      3. 3.2.2 Governing board control
      4. 3.2.3 Board conflict of interest
      5. 3.2.4 External Influence
      6. 3.2.5 Board dismissal
      7. 3.2.6 Board/administration distinction
      8. 3.2.7 Organizational structure
      9. 3.2.8 Qualified administrative/academic officers
      10. 3.2.9 Personnel appointment
      11. 3.2.10 Administrative staff evaluations
      12. 3.2.11 Control of intercollegiate athletics
      13. 3.2.12 Fund-raising activities
      14. 3.2.13 Institution-related entities
      15. 3.2.14 Intellectual property rights
      16. 3.3.1 Institutional Effectiveness
        1. 3.3.1.1
          1. 3.3.1.1 (Continued)
        2. 3.3.1.2
        3. 3.3.1.3
          1. 3.3.1.3 (Continued)
        4. 3.3.1.4
          1. 3.3.1.4 (Continued)
        5. 3.3.1.5
          1. 3.3.1.5 (Continued)
      17. 3.4.1 Academic program approval
      18. 3.4.2 Continuing education/service programs
      19. 3.4.3 Admissions policies
      20. 3.4.4 Acceptance of academic credit
      21. 3.4.5 Academic policies
      22. 3.4.6 Practices for awarding credit
      23. 3.4.7 Consortial relationships/contractual agreements
      24. 3.4.8 Noncredit to credit
      25. 3.4.9 Academic support services
        1. 3.4.9 (Continued)
        2. 3.4.9 (Continued - 2)
      26. 3.4.10 Responsibility for curriculum
      27. 3.4.11 Academic program coordination
      28. 3.4.12 Technology use
      29. 3.5.1 General education competencies
      30. 3.5.2 Institutional credits for a degree
      31. 3.5.3 Undergraduate program requirements
      32. 3.5.4 Terminal degrees of faculty
      33. 3.6.1 Post-baccalaureate program rigor
        1. 3.6.1 Post-baccalaureate program rigor (Continued)
      34. 3.6.2 Graduate curriculum
      35. 3.6.3 Institutional credits for a graduate degree
      36. 3.6.4 Post-baccalaureate program requirements
      37. 3.7.1 Faculty competence
      38. 3.7.2 Faculty evaluation
      39. 3.7.3 Faculty development
      40. 3.7.4 Academic freedom
      41. 3.7.5 Faculty role in governance
      42. 3.8.1 Learning/information resources
      43. 3.8.2 Instruction of library use
      44. 3.8.3 Qualified staff
      45. 3.9.1 Student rights
      46. 3.9.2 Student records
      47. 3.9.3 Qualified staff
      48. 3.10.1 Financial Stability
      49. 3.10.2 Financial aid audits
      50. 3.10.3 Control of finances
      51. 3.10.4 Control of sponsored research/external funds
      52. 3.11.1 Control of physical resources
      53. 3.11.2 Institutional environment
      54. 3.11.3 Physical facilities
      55. 3.12.1 Substantive change
      56. 3.13 Policy compliance
        1. 3.13.1 "Accrediting Decisions of Other Agencies"
        2. 3.13.2. "Collaborative Academic Arrangements: Policy and Procedures"
        3. 3.13.3. "Complaint Procedures Against the Commission or Its Accredited Institutions"
        4. 3.13.4. "Reaffirmation of Accreditation and Subsequent Reports"
          1. 3.13.4.a.
          2. 3.13.4.b.
      57. 3.14.1 Publication of accreditation status
      58. 3.13.5. "Separate Accreditation for Units of a Member Institution"
        1. 3.13.5.a.
        2. 3.13.5.b.
    3. Section 4: Federal Requirements
      1. 4.1 Student Achievement
      2. 4.2 Program curriculum
        1. 4.2 Program curriculum (Continued)
      3. 4.3 Publication of policies
      4. 4.4 Program length
        1. 4.4 Program length (Continued)
      5. 4.5 Student complaints
      6. 4.6 Recruitment materials
      7. 4.7 Title IV program responsibilities
      8. 4.8 Distance and correspondence education
        1. 4.8.1
        2. 4.8.2
        3. 4.8.3
      9. 4.9 Definition of credit hours
  6. PART 4. Institutional Summary Form Prepared for Commission Reviews
  7. FOCUSED REPORT
  8. QUALITY ENHANCEMENT PLAN (QEP)

3.9.2 Student records

The institution protects the security, confidentiality, and integrity of student records and maintains special security measures to protect and back up data. (Student records)

Compliance Status

Louisiana State University and A&M College is in compliance with this principle.

Narrative

Louisiana State University and A&M College (LSU) protects the security, confidentiality, and integrity of all records containing personally identifiable information (including student records) and maintains special security measures to protect and back up data as described in detail below.

Student Records Defined

The university defines student records to mean all educational records within the scope of the Family Educational Rights and Privacy Act (FERPA) [1].  For this purpose, the university broadly defines student records to mean all records, files, documents, and other materials containing information directly related to a student and maintained by a person acting on behalf of the university [1].

Educational records do not include the following:

  • Sole possession records – records kept in the sole possession of the maker that are used only as a personal memory aid and are not accessible or reviewed by any other person except a temporary substitute for the maker of the record;
  • Employment records, provided that employment is not contingent upon being a student;
  • Law enforcement records; or
  • Records collected about an individual after that person is no longer a student.

Compliance with All Applicable Laws Concerning Student Records

The university has adopted a comprehensive set of policies and procedures designed to comply with federal laws and regulations protecting personally identifiable information. In most cases, the protection provided by these university policies and procedures extends beyond student records. The discussion below, however, focuses on the student records aspects of those policies and procedures.

The laws and policies addressed by these university policies and procedures include the following:

Federal

  • Family Educational Rights and Privacy Act [2]
  • Health Insurance Portability and Accountability Act [3]
  • Gramm-Leach-Bliley Act [4]
  • Digital Millennium Copyright Act [5]

State of Louisiana

  • Title 44. Public Records and Recorders [6]
  • Data Security Breach Notification Law [7]
  • Louisiana State Office of Information Technology Security Policies [8].

Louisiana State University Board of Supervisors Policy 

As a member institution of the Louisiana State University System, LSU must enforce policies and procedures in compliance with the information security standards set by the Board of Supervisors and with applicable federal and state laws.  The LSU System information security standards are outlined in Permanent Memorandum 36 (PM-36) – Louisiana State University System Information Security Plan [9]. Additional details are provided in the attachments to PM-36:

  • PM-36 Attachment 1, Table of contents and chapters 1-12 [10]
  • PM-36 Attachment 2, Glossary of terms [11]
  • PM-36 Attachment 3, References to PM-36 [12]
  • PM-36 Attachment 4, Business Associate Contract Addendum [13].

Louisiana State University Policies and Procedures

The university’s compliance with law and Board of Supervisors policy in this important area is accomplished through education of the university community, inventory of university assets covered by the policies, adoption of unit-level policies designed to meet the unique needs of the unit, and regular review of units to verify compliance.

Campuswide

LSU has adopted the following policies to ensure the security and confidentiality of student records:

  • PS-30 Student Privacy Rights

The purpose of this policy is to inform all concerned of the rights and prerogatives of students under the Family Educational Rights and Privacy ACT of 1974 (FERPA)[14];

  • Annual FERPA Notification

The purpose of the notification is to advise students about their rights with respect to FERPA, outline procedures for those students who wish to inspect and review their educational records, and provide students with limited control over the release of their education records [1]; and

  • PS-113 Social Security Numbers

This policy governs the collection, maintenance, use and disclosure of Social Security Numbers and establishes the LSUID number [15].

LSU and Information Technology Services (ITS)

As records management practices have changed, electronic records have increasingly become the focus of information security efforts. Accordingly LSU, and in particular Information Technology Services, maintains a number of policies, each designed in part to address the security, confidentiality, and integrity of electronic data (including student records):

  •  PS-06.05 (PS-107) Computer Users' Responsibilities;

This policy statement establishes important guidelines and restrictions regarding any and all use of computing resources at, for, or through LSU [16];

  • PS-06.10 (PS-114) Security of Computing Resources

This policy outlines the role and authority of ITS in supporting and upholding the security and integrity of the LSU information technology environment [17];

  • PS-06.15 Use of Electronic Mail (E-mail) Revised Version*

This policy applies to all users of the LSU e-mail system and establishes important guidelines and restrictions regarding any and all use of e-mail at LSU, including retention and retraction of e-mail [18];

  • PS-06.20 Security of Data [19]

This policy outlines the responsibilities of all users in supporting and upholding the security of data at LSU regardless of the user’s affiliation or relation with the university, and irrespective of where the data is located, utilized or accessed;

  • Data Classification

The data is classified into three categories:

  • Confidential
  • Private
  • Public [20];
  • PS-06.25 Privacy of Computing Resources

This policy seeks to facilitate teaching, research, and the overall mission of the university through the authorized use of computing resources and data consistent with the university’s need for limited access by persons other than the account holder when necessary to serve or protect operations within the university or to meet legal requirements; the policy applies to all authorized users of computing resources at LSU regardless of user’s affiliation or relationship with the university and irrespective of where the resources are located, utilized, or accessed [21]; 

  • Draft LSU Information Security Program Summary

This document is a summary of the Information Security Plan of LSU; its purpose is to protect the information systems and resources at the university from malicious attack or misuse and thus ensure the confidentiality, integrity, and availability of those institutional assets [22];

  • ITS Disaster Recovery (and Backup) Document

This document describes ITS' disaster recovery plan and backup procedures [23];

  • ITS Incident Categories

This document describes the six categories of IT security incidents [24]; and

  • ITS Incident Response Flowchart

This document supplements PS-06.20 (Security of Data) with respect to incident and breach responses [25].

Office of the University Registrar                                      

The Office of the University Registrar (OUR) is responsible for the security, confidentiality, and integrity of the official student education records of the university and the maintenance of special procedures to protect that data [1] [14].

The office maintains a series of internal procedures to assure that the security, confidentiality, and integrity of student records is protected. These include the following:

  • Access to the Student Records and Registration database is strictly limited to staff whose job duties require access [1];
  • Student academic records are released only upon execution of a written release by the student or in compliance with applicable law [1]; and
  • Student academic records are retained and destroyed in accordance with the OUR Records Retention Schedule [26].

The university registrar also has final responsibility for the implementation and interpretation of the provisions of PS-30 (Privacy Rights of Students) [14].

Representative Examples of Policies and Practices of Other University Units

Because of the unique functions of the university’s many academic and support units, each unit must adopt its own procedures and practices to implement the previously described institutional policies in a manner designed to fit the exact role of that unit. The following examples are representative of the manner in which the laws described above, LSU System policies, and institutional policies are applied at the unit level. These units are representative because they are large units that handle sensitive data and serve all students.

Student Health Center

Because of the highly sensitive nature of the data received in the course of its daily operations, the Student Health Center (SHC) maintains and enforces a comprehensive set of policies, procedures, and guidelines to assure the security, confidentiality, and integrity of all sensitive data (including student records) [27]. These policies, procedures, and guidelines assure appropriate access to data, release of data only in appropriate circumstances, and compliance with the laws, system policies, and university policies. The following policies, procedures, and guidelines accomplish these purposes:

  • Notice of Privacy Practices for Protected Health Information;
  • Guidelines Pertaining to Confidentiality (of patient information);
  • Patient Bill of Rights; and
  • Patient Privacy [27].

Dean of Students

The Code of Student Conduct (Section 7.9) contains guidance regarding the access to students’ disciplinary records and the maintenance of those records [28].   The Office of Student Advocacy and Accountability maintains an internal policy with respect to student records [29] and follows departmental policy with respect to the destruction of student records [30].

Division of Continuing Education

The Division of Continuing Education’s Online Distance Learning program protects the privacy of student education records in accordance with PS-30 and FERPA [31].

Public Dissemination of Information about Student Records

Detailed information about students’ rights concerning their education records is widely disseminated to students. Sources include the following:

  • LSU General Catalog [1];
  • Registration Schedule of Classes Booklets [32];
  • Office of the University Registrar Website

Annual FERPA Notification [33];

FERPA for Students Tutorial [34];

FERPA for Faculty & Staff Tutorial [35];

FERPA for Parents Tutorial [36];                      

  • Office of the University Registrar Bookmark for Faculty and Staff [37];
  • Office of the University of Registrar Bookmark for Parents [38];
  • PS-30 presentations to faculty and staff. [39]; and
  • FERPA presentations at parent orientations [40].

Mechanisms Established to Assure Compliance with University Policies and Procedures

The Office of the University Registrar takes the following steps to ensure compliance: 

  • Provides an online tutorial concerning FERPA for faculty and staff [35];
  • Provides PS-30 (Privacy Rights of Students) bookmarks to faculty and staff [37];
  • Makes PS-30 presentations to faculty and staff each year [39];
  • Employs an overlay screen regarding PS-30 that users view the first time they access the Student Records and Registration database each day [41]; 
  • Reminds faculty using Moodle each semester, via e-mail, about their responsibilities with respect to the security and privacy of student records [42]; and 
  • Provides myLSU messages on class rosters [43].     

University Processes Implemented to Identify Potential Areas of Risk

Enterprise Risk Management (ERM) 

The Office of Risk Management (ORM) “seeks to identify and mitigate potential risks throughout the university using the ERM process.”  ERM involves “integrating risk discussions into strategic deliberations and identifying the interrelations of risk factors across activities.  Specific characteristics of ERM include:

  • Assessing risk in the context of strategic objectives;
  • Viewing risk holistically, not functionally; and
  • Covering all risk types: compliance, operations, financial, strategic, and mega [44].

LSU ERM reinforces efforts to minimize risks by providing:

  • A central risk focus;
  • Access to useful information (e.g., Websites, newsletters);
  • Simple but effective tools (e.g., risk maps, metrics, self‐assessment approaches); and
  • Opportunities for leaders and subject matter experts to deliberate on risk, integrity, and compliance issues [44].
  • LSU System Internal AuditLSU System Internal Audit conducts an annual risk assessment for audit planning purposes.  More specifically, information technology is one of the key components analyzed during the assessment process [45].
  • Policy/Audit:  During 2006-2008, a campus-wide project to assess the locations of sensitive data, most specifically SSNs, was undertaken in conjunction with the promulgation of a new policy addressing the use and storage of SSNs at LSU [15].  At that time, the location and use of SSNs were inventoried and replaced by an LSU-assigned unique identifier in every instance possible, and strict access rules and procedures were placed on the use of the remaining occurrences of SSNs.  In addition, procedures were put in place to govern and restrict any future uses or right to store SSNs.  LSU Policy Statement 113 (PS-113) contains the specific text that guided those efforts [15]. More information on PS-113 can be found in the GROK knowledgebase [46].
  • Scanning:  The IT Security & Policy Office offers scanning tools to the campus community effective in identifying sensitive information on devices (e.g., desktops, laptops, and servers) [47].
  • IT Security Reviews:  The IT Security & Policy Office performs security reviews (i.e., risk assessments) for various entities on campus to recommend changes to improve the IT security environment and establish best practices [48].
  • External IT Security Reviews:  The Flagship Information Technology Strategy Action Item 5.01 states that “ITS should maintain a standard schedule for periodic external audit of the University’s IT security infrastructure, policies and practices to ensure the integrity of the environment and protection of LSU’s information” [49].  In 2005, 2008, and 2011, the university engaged an outside group of IT security/policy experts from the higher education community to conduct security reviews of the IT environment. The reviews provided an independent, objective assessment of risks/threats at the university.  To date, the university has received reports stating that the IT security/policy environment at the university is “very good” when compared to peer institutions [50]. In addition, the reports have provided recommendations for further enhancing the IT security/policy environment at the institution. The recommendations, however, are confidential and, therefore, not included in this document. 

Data Backup, Continuity Planning, and Disaster Recovery

Business Continuity and Disaster Recovery Plans are the responsibilities of the individual departments and units across campus.  Information Technology Services (ITS) works to backup mission-critical facets required for the effective functioning of the university [23]. A hot-site has been contracted for restoring mainframe data and processing and some Web applications [23].

Responding to Security Breaches

The chief IT policy and security officer complies with state law and university policy with respect to security breaches [8] [17].

Physical Security of Records Storage

Non-electronic records include those maintained in hard copy and on microfilm.  Physical security of such records is accomplished by securing work areas and securing documents in locked work and storage areas. 

Office of the University Registrar

OUR maintains all academic records from the 1870s through 1985 on microfilm.  Copies of the microfilm are stored at the Louisiana State Archives Building.  The original hard copy academic records (student academic ledgers) are stored on site.

The university activated the Student Records and Registration (SRR) database with the fall 1982 semester.  From 1982 through the summer 1985 term, the office maintained hard copy academic ledgers for enrolled students and maintained their records electronically in the SRR database. 

Until 1997, OUR microfilmed all enrolled students’ admission papers and academic source documents (e.g., grade sheets, grade corrections forms, drop/add forms, resignation forms, etc.).  Beginning in 1997 and continuing through the spring 2013 semester, OUR has imaged these documents and stored them on a network-attached storage (NAS) unit in the Frey Building on the LSU campus.  OUR also has imaged all of the hard copy academic records.

Beginning with the summer 2013 term, OUR no longer imaged the admissions papers, as Undergraduate Admissions assumed this responsibility.  See below.

Office of Enrollment

For the purposes of this certification, units in the Office of Enrollment will be addressed separately.      

Undergraduate Admissions:  Undergraduate Admissions is responsible for maintaining files regarding applicants. Files of applicants who do not enroll are maintained for one year after the application term. After one year, the office destroys these records.   Through the spring 2013 semester, the office transferred the custody of the records of applicants who enrolled to OUR. During the fall 2012 and spring 2013 semesters, the office implemented the Nolij imaging system.  All admission documents are now imaged when received. Beginning with the summer 2013 term, the office will transfer the custody of the imaged records to OUR. The Office of Undergraduate Admissions retains student records in accordance with the Enrollment Management Records Retention Schedule [51].

  • Student Aid:  This office is responsible for maintaining the records of students who apply for financial aid. The office maintains the records for five years in accordance with federal regulations and the Enrollment Management Records Retention Schedule [51].Until implementation of the Nolij imaging system during the fall 2012 and spring 2013 semesters, the records were hard copy.  With implementation of Nolij, the records are imaged. These security measures are also relevant to student aid associated with Title IV programs covered in Federal Requirement 4.7.
  • Orientation Office:  The office is responsible for maintaining the records of admitted students who attend orientation. In accordance with the Enrollment Management Records Retention Schedule, the office maintains the placement profiles and exam schedules for the duration of the students’ orientation sessions [51]. 
File Attachments:
  1.  [1] 2013-2014 LSU General Catalog, Privacy and the Release of Student Education Records [1] 2013-2014 LSU General Catalog, Privacy and the Release of Student Education Records
  2.  [2] Family Educational Rights and Privacy Act [2] Family Educational Rights and Privacy Act
  3.  [3] Health Insurance Portability and Accountability Act [3] Health Insurance Portability and Accountability Act
  4.  [4] Gramm-Leach-Bliley Act [4] Gramm-Leach-Bliley Act
  5.  [5] Digital Millennium Copyright Act [5] Digital Millennium Copyright Act
  6.  [6] Title 44. Public Records and Recorders [6] Title 44. Public Records and Recorders
  7.  [7] Data Security Breach Notification Law [7] Data Security Breach Notification Law
  8.  [8] Louisiana State Office of Information Technology Security Policies [8] Louisiana State Office of Information Technology Security Policies
  9.  [9] Permanent Memorandum 36 (PM-36) -: Louisiana State University System Information Security Plan [9] Permanent Memorandum 36 (PM-36) -: Louisiana State University System Information Security Plan
  10. [10] PM-36 Attachment 01, Table of contents and chapters 1-12 [10] PM-36 Attachment 01, Table of contents and chapters 1-12
  11. [11] PM-36 Attachment 02, Glossary of terms [11] PM-36 Attachment 02, Glossary of terms
  12. [12] PM-36 Attachment 03, References to PM-36 [12] PM-36 Attachment 03, References to PM-36
  13. [13] PM-36 Business Associated Contract Addendum [13] PM-36 Business Associated Contract Addendum
  14. [14] Policy Statement 30 (PS-30), Privacy Rights of Students [14] Policy Statement 30 (PS-30), Privacy Rights of Students
  15. [15] Policy Statement 113, Social Security Numbers [15] Policy Statement 113, Social Security Numbers
  16. [16] PS-06.05 (PS-107) Computer Users' Responsibilities [16] PS-06.05 (PS-107) Computer Users' Responsibilities
  17. [17] PS-06.10 (PS-114) Security of Computing Resources [17] PS-06.10 (PS-114) Security of Computing Resources
  18. [18]	PS-06.15 Use of Electronic Mail (E-mail) Revised Version [18] PS-06.15 Use of Electronic Mail (E-mail) Revised Version
  19. [19] PS-06.20 Security of Data [19] PS-06.20 Security of Data
  20. [20] Data Classification [20] Data Classification
  21. [21] PS-06.25 Privacy of Computing Resources [21] PS-06.25 Privacy of Computing Resources
  22. [22] LSU Information Security Program Summary [22] LSU Information Security Program Summary
  23. [23] ITS Disaster Recovery (and Backup) Document [23] ITS Disaster Recovery (and Backup) Document
  24. [24] ITS LSU Incident Categories [24] ITS LSU Incident Categories
  25. [25] Incident Response Flowchart [25] Incident Response Flowchart
  26. [26] Office of the University Registrar Records Retention Schedule [26] Office of the University Registrar Records Retention Schedule
  27. [27] Student Health Center [27] Student Health Center
  28. [28] Dean of Students, The Code of Student Conduct [28] Dean of Students, The Code of Student Conduct
  29. [29] Student Advocacy and Accountability Student Records Policy [29] Student Advocacy and Accountability Student Records Policy
  30. [30] Student Advocacy and Accountability Records Destruction Guide [30] Student Advocacy and Accountability Records Destruction Guide
  31. [31] Division of Continuing Education, Online Distance Learning Policy Regarding Privacy of Student Education Records [31] Division of Continuing Education, Online Distance Learning Policy Regarding Privacy of Student Education Records
  32. [32] Registration Schedule of Classes booklet, Annual FERPA Notification [32] Registration Schedule of Classes booklet, Annual FERPA Notification
  33. [33] Office of the University Registrar Website, Annual FERPA Notification [33] Office of the University Registrar Website, Annual FERPA Notification
  34. [34] Office of the University Registrar Website, FERPA for Students Tutorial [34] Office of the University Registrar Website, FERPA for Students Tutorial
  35. [35] Office of the University Registrar Website, FERPA for Faculty and Staff Tutorial [35] Office of the University Registrar Website, FERPA for Faculty and Staff Tutorial
  36. [36] Office of the University Registrar Website, FERPA for Parents Tutorial [36] Office of the University Registrar Website, FERPA for Parents Tutorial
  37. [37] Office of the University Registrar, Bookmark for Faculty and Staff [37] Office of the University Registrar, Bookmark for Faculty and Staff
  38. [38] Office of the University Registrar , Bookmark for Parents [38] Office of the University Registrar , Bookmark for Parents
  39. [39] Office of the University Registrar, Notifications and Power Point regarding FERPA  and PS-30 presentation for faculty and staff [39] Office of the University Registrar, Notifications and Power Point regarding FERPA and PS-30 presentation for faculty and staff
  40. [40] Office of the University Registrar, OUR Orientation and FERPA Presentation for Parents [40] Office of the University Registrar, OUR Orientation and FERPA Presentation for Parents
  41. [41] SRR database security overlay screen and annual e-mail notification to faculty and staff [41] SRR database security overlay screen and annual e-mail notification to faculty and staff
  42. [42] Moodle users security e-mail notification regarding PS-30 and FERPA [42] Moodle users security e-mail notification regarding PS-30 and FERPA
  43. [43] FERPA message on myLSU class roster [43] FERPA message on myLSU class roster
  44. [44] Enterprise Risk Management [44] Enterprise Risk Management
  45. [45] LSU System Internal Audits for Information Systems [45] LSU System Internal Audits for Information Systems
  46. [46] LSU GROK Knowledge Base for PS - 113 and other security issues [46] LSU GROK Knowledge Base for PS - 113 and other security issues
  47. [47] Sensitive Data Scanning for Personally Identifiable Information [47] Sensitive Data Scanning for Personally Identifiable Information
  48. [48] IT Security and Policy Office Security Reviews [48] IT Security and Policy Office Security Reviews
  49. [49] Flagship Information Technology Strategy Action Item 5.01 [49] Flagship Information Technology Strategy Action Item 5.01
  50. [50] State of Information Technology Security Progress Review, November 29-December 1, 2011 [50] State of Information Technology Security Progress Review, November 29-December 1, 2011
  51. [51] Enrollment Management Records Retention Schedule [51] Enrollment Management Records Retention Schedule
Author: Stephenie Franks
Last modified: 7/1/2015 7:33 AM (EST)