CSU, Bakersfield

Information Security

Global Links

• Home
• Departments
• Contact Us
• Personnel
• CSUB Home

Navigation Links

Computer Use Policy

Campus Password Policy

Contacts

Definition of Confidential Info.

Desktop Security

Desktop Security Reviews

Good Security Practices

Incident Report Process/Form

Information Security Blog

Information Security Plan

Information Security Policy

Security Awareness

Supplemental I.S. Policies

Laws & Regulations

Application for Database

Red Flag

Use of Instant Messaging & Other Transitory Communication Technologies

CSUB Information Security Policy
Date in Effect: November 2009
Policy Title: Use of Instant Messaging & Other Transitory Communication Technologies
Reference: CSU System-Wide Information Security Policy, 11.4 - Information System Logs

Instant Messaging and other types of communication technologies shall not be used for communicating messages that would constitute official business records of the University, nor shall these types of technologies be used for transmitting Level 1* confidential data, as defined by the University Information Security Policy.

• Confidential Information (Level I)
  

  The following are considered Level I confidential information based on the significance of this information for the prevention of identity theft. Furthermore, as per the California Security Breach Information Act (SB 1386), any breach in the following information of any California resident that is unencrypted must be notified accordingly. SB 1386 defines a breach as "unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information."

  • Social Security Number paired with last and first name or first initial
  • Drivers license number or California identification card number paired with last and first name or first initial
  • Bank account number or credit card number paired with last and first name or first initial
  
  
• Confidential Information (Level II)
  

  The following Level II information should be "guarded" from access to unauthorized persons. This information is considered personal information and is regulated by various federal laws as well as CSU policy. Though this information does not require notification of breach, certain fines may apply if this information is mishandled. The guiding laws and policies for Level I information include FERPA, HIPPA, the Information Practices Act of 1977, California Public Record Act, and CSU policy HR 2003-05. All faculty and staff given access to the following information must complete and sign the CSUB Confidentiality Access and Compliance form. Student assistants given access to the following information must complete and sign the Banner Confidentiality Agreement.

  Students:

  • Any information in students' educational records that is not listed as non-confidential information.

  Faculty and Staff

  • Ethnicity
  • Gender
  • Home Address
  • Physical Description
  • Home telephone number
  • Medical history
  • Performance evaluations
  • ID card picture