Skip to body

Security Services

Polices and Guidance

Central Washington University Security Services department is responsible for coordinating the development and dissemination of information security policies, standards, and guidelines for the institution. Security Services is also responsible for coordinating various regulatory compliance efforts as they relate to information technology systems.

Policy Framework

The following policies and procedures were approved on June 4th, 2014 by the University Policy Advisory Committee (UPAC). They are intended to serve as the foundational governance framework for future policies, procedures, and guidelines.

 - Policies - 

2-70-010   Information Security and Privacy Roles and Responsibilities

2-70-020   Data Classification and Usage Policy

2-70-030   Information Security and Privacy Incident Management Policy

2-70-040   Payment Card Policy

2-70-050   Information Security Controls

- Procedures -

7-70-010 Information Security and Privacy Management Procedure

7-70-050 Payment Card Procedures


Regulatory Reference

Washington State RCW 43.41A.027 - Security Standards and Policies

Washington State RCW 19.255.010 - Disclosure, Notice - Definitions - Rights, Remedies

Washington State RCW 42.56.420 - Security

Washington State OCIO Policy No. 141 - Securing Information Technology Assets

Washington State OCIO Policy No. 141.10 - Securing Information Technology Assets Standards

PCI Security Standards Council

Family Educational Rights and Privacy Act 34 CFR Part 99 (FERPA)

Health Insurance Portability and Accountability Act of 1996 (HIPAA)