Information Security
Policies and Guidelines
The following policies and guidelines apply to the VCU environment. It denotes certain regulations and policies for the handling and access of University resources.
VCU Information Security Policies and Guidelines
- Confidential Information and Privacy [PDF]
- Data Classification Guidelines [PDF]
- Email Transmission of Confidential Data [PDF]
- Password Standard [PDF]
- Remote Access Standard [PDF]
- Research Data and Intellectual Property Standard [PDF]
- VCU Information Security Standards [Word]
VCU ACE Security Policies
The VCU Affiliated Covered Entity (ACE) Security Policies apply to all personnel who have access to any Electronic Protected Health Information (EPHI). This set of policies encompasses the regulation of workstations and personnel on the VCUHS, VCUSecNet and VCUSecureNet networks. Since most of School of School of Medicine is operating on the aforementioned networks, it is imperative for any EPHI data handlers to review and ensure compliance to these policies.
