Electronic Data Security Breach Reporting and Response | Policies

TC Web Authentication
Welcome!Log In

Electronic Data Security Breach Reporting and Response

Procedures for response to data security breach incidents.

Owner: Information Technology

Short Description

Procedures for response to data security breach incidents.

Purpose

Federal and state statutes require the notification of governmental agencies and affected individuals when there is reason to believe that legally protected data held by or for the College in certain circumstances was acquired by someone without valid authorization.

 

The purpose of this policy is to establish procedures to prepare and respond to data breach incidents, including the determination of the systems or applications affected if data has been corrupted, what specific data was compromised, and what actions are required for forensic investigation and legal compliance.

 

A data breach is defined as an incident that exposes confidential or protected information without authorization.

 

Scope

This policy applies to all students, staff, faculty members, officers, employees, and affiliates of Teachers College, Columbia University, including extended learning sites, guests, tenants, visitors, contractors, consultants, vendors, individuals authorized by affiliated institutions and organizations, and all others granted use of and/or access to Teachers College, Columbia University technology resources and data.

 

Policy

Any suspected or confirmed compromise of protected electronic data must be reported to the Chief Information Officer (CIO), Executive DIrector of Information Security, and/or the Service Desk.  

Any individual responsible for a system containing protected data that may have been compromised must take immediate steps to secure that system and preserve it without change. The Vice President of Administration will convene a Response Team (RT), including as appropriate, the General Counsel, the CIO, the Ex. Dir. Information Security, the responsible Director(s) of IT, the VP of Institutional Advancement, the Director of Public Safety, the Vice Provost, the Risk Manager and others.

 

Procedures 

The Information Security Office will establish detailed internal procedures for compliance, external and internal communications, oversight of the investigation, and technical support associated with a suspected or actual breach of Sensitive Data. The specific incident response procedures are set forth in the applicable Information Security and Privacy Incident Procedure and Checklist. 

The general steps in response include the following: 

  1. Incident Categorization Incidents will be categorized based on the Information Security Office’s internal procedures. Based on the severity of the incident, an appropriate response action will be taken.
  2. Response and Recovery The RT may call upon any necessary additional offices and resources required to carry out the investigation and remediation of any breach. This expanded RT will be responsible for the investigation of the incident and any technical support required. Incident team members will include representatives of affected Data Owners and any other units responsible for the Information Resources involved. The RT will designate one senior person from the team that will be responsible for facilitating communications for status updates, executive briefings, and allow the other RT members to focus on investigation and remediation of the breach. Any individual responsible for an Information Resource containing Sensitive Data that may have been compromised must take immediate steps to secure that system and preserve it without change. 
  1. Lessons Learned After an incident has been resolved, an incident report will be created and distributed to the RT. The RT will then convene to discuss the security controls that failed and establish the steps necessary to prevent or limit the risk of the incident recurring.

 

To Report a breach of Sensitive Data, contact:

TCIT Service Desk: servicedesk@tc.columbia.edu or 212.678.3300

TCIT Information Security: infosec@tc.columbia.edu

 

Responsible Office: Teachers College Information Technology

Effective Date: February 1, 2021

Last Updated: November 1, 2022

Back to skip to quick links