Information Security Office
[back to top]
The university's resource for guidance on information security compliance. We are here to help clarify what is necessary in today's rapidly changing technology environment to keep electronic information as safe, secure and protected as is reasonably possible. Depending on the type of data, compliance with specific legal requirements such as HIPAA, FERPA, PCI, etc. may also be necessary. We frequently work in conjunction with the Privacy Office, others within the Audit Services and Compliance area, IT Enterprise Security, and other professionals to provide guidance and keep you informed of your responsibilities in these areas. The CISO is available to speak with your group, department, school or other university organization on a variety of information security compliance topics.
Customer service, responsiveness and a reasonable approach to security compliance initiatives without compromising the university's security posture, are top considerations of the Information Security Office. We work with and communicate with university constituents at all levels to ensure we are not taking an "ivory tower" approach to implementing processes necessary to reasonably assure the security of university data and maintain compliance with applicable laws and regulations. We strive to ensure that all information security initiatives are designed to provide a high-level of security over information resources while preserving and enhancing system availability.
The Information Security Office's Chief Information Security Officer (CISO) is the University's Senior Information Security Officer. The CISO oversees security policies, standards, audits and evaluations, as well as university-wide information security awareness. The CISO coordinates information security compliance efforts and activities across the university. This includes university information security compliance oversight, information security strategies, as well as coordination of security efforts related to patient, provider, employee and other confidential business information covered by the Health Information Portability and Accountability Act of 1996 (HIPAA). The CISO works in concert with the University's Privacy Officer to ensure HIPAA compliance in all systems and activities. The CISO serves as the university's representative on Homeland Security issues and issues related to the USA Patriot Act.
The success of the University's Information Security initiatives are not possible without the support of the University of Louisville, faculty, staff and students. We maintain an open door policy and welcome all comments and suggestions regarding Information Security.
We are located at:
University of Louisville
425 W. Lee Street
Louisville, Kentucky 40208
e-mail: isopol @ louisville.edu
(Remove spaces in email address, there to minimize spam)