archive

2019 Compliance and Information Security Training

Dear Colleagues,

As we embark upon a new academic year, Human Resources and Information Technology Services will launch a series of compliance programs during the fall semester. The programs are designed to reflect Loyola University Chicago’s commitment to creating and fostering an environment where faculty, staff, and students can work together while simultaneously taking the necessary steps to secure personal information safely.

This fall semester we will launch Loyola’s Information Security Awareness program in alignment with the University’s commitment to implementing preventative measures that protect the personal information of faculty, staff, and students, as well as University information assets. In addition, the annual Harassment Prevention training program will take place as part of our collaborative efforts to continue creating a more caring and inclusive campus culture.

Human Resources and Information Technology Services thank you in advance for completing the required training programs. Taking time to complete these compliance courses affirms your commitment to promoting the prevention of all forms of harassment, showing a high level of respect to your colleagues and protecting the privacy of personal data.

Timetable
In the upcoming weeks, faculty and staff members will receive communications regarding the compliance initiatives. Below is an approximate timeline to help you plan your schedule.

During the week of September 9, faculty and staff will receive an email from datasecurity@LUC.edu containing information about Information Security Policy Acceptance, which must be completed by October 4. During the week of September 16, faculty and staff will receive an email containing information about the training programs that must be completed by October 18.

• The Harassment Prevention training invitations will arrive from 
  hr-training@LUC.edu.
• Information Security Awareness and Basic Compliance training invitations will arrive from notifications@securityiq-notifications.com.
• Faculty and staff members required to complete advanced Health Insurance Portability and Accountability Act (HIPAA) awareness training will receive invitations from hipaa-privacy@LUC.edu.

Information Security Policy Acceptance
As part of the University’s financial compliance, Payment Card Industry (PCI) standards require all faculty and staff members to read and understand the University’s Information Security Policy. Fulfilling our compliance responsibilities allows the University to continue collecting credit card payments. All faculty and staff members, regardless of their role in accepting credit card payments, are required to complete this acceptance task. Security requirements among credit card companies have become more stringent, necessitating that all faculty and staff take this additional step acknowledging the University’s policies regarding safe computing practices and the handling of personally identifiable information, which includes credit card information.

Harassment Prevention Training
Loyola maintains a zero-tolerance policy regarding all forms of harassment; harassment is a violation of University policy and is prohibited by law. In the spirit of upholding the University’s values, we encourage you to prepare to complete the upcoming mandatory annual Harassment Prevention training. This next phase of Harassment Prevention education represents consecutive training beyond the second phase, which we administered in 2018–2019, and supports Loyola’s commitment to building and preserving a welcoming, inclusive, and respectful campus community.

Information Security Awareness and Basic Compliance Training
In today’s world of ever-changing information security threats, awareness training is one of the best ways to protect yourself and the University; to prevent data breaches and loss; to ensure the confidentiality, integrity, and availability of the academic and personal information that is entrusted to us by our students and fellow faculty and staff members; and to reduce costly errors. Awareness and compliance training increases awareness of Loyola’s security policies, procedures, and best practices; shares some of the pitfalls and actions you can take to handle and protect this information properly; and reinforces the responsibility that everyone at Loyola has to protect University assets.

Advanced HIPAA Training
As part of Loyola’s efforts to secure personal health information (PHI), the University has implemented advanced required training as part of our efforts to remain in compliance with HIPAA. Our annual HIPAA compliance efforts are designed to ensure that we protect the PHI of all individuals and to prevent that information from being used in any manner detrimental to the individual.

Health information is both personal and private; it therefore should be disclosed only to those who have a right or legal need to know. A portion of HIPAA mandates that all faculty and staff members with the potential to have contact with PHI are required to complete more advanced HIPAA awareness training to build and develop the necessary knowledge and skills to protect PHI.

Thank you for your participation and dedication to keeping Loyola not only a harassment-free workplace but also a campus community committed to continual learning and development.

Sincerely,

Winifred L. Williams, PhD
Vice President, Chief Human Resources Officer
Chief Diversity and Inclusion Officer

Wayne Magdziarz
Senior Vice President, Chief Financial Officer, and Chief Business Officer

Susan M. Malisch
Vice President, Chief Information Officer