To minimize threats to the UI telecommunications network, any device that is connected to it must meet baseline security standards: up-to-date operating systems and software, anti-virus software, and strong passwords. Users must also work with their IT support provider, cooperate with the IT security office, submit to system vulnerability scans as necessary, and immediately report possible compromises.

All university website content must conform to Web Content Accessibility Guidelines 2.0, Level AA. Information Technology Services provides training and support through the IT Accessibility group. For more information, contact Todd Weissenberger (todd-weissenberger@uiowa.edu).

Institutional data--things like health or personnel records, financial reports, grades, or research files--is classified by level of sensitivity (low, moderate, high) and must comply accordingly with specific laws and procedures. This policy outlines the principles that guide institutional operations in protecting and sharing confidential information. It addresses data disposal, data on mobile devices, preventive measures, backup and recovery, access control measures, and audits documenting access to the data.

Access to institutional data is limited to those who need it for business purposes. Confidentiality is required for sensitive data, and security measures must be in place to protect data from unauthorized modification, destruction, or disclosure. Please familiarize yourself with the data types and requirements for each. An Institutional Data Users Group (IDUG) was formed to offer guidance. For details, visit https://itcommunities.uiowa.edu/communities-list/institutional-data-users-group

For a full list of IT security policies and training materials are available at https://itsecurity.uiowa.edu/policies-standards-guidelines. For questions, please contact the Information Security & Policy Office at it-security@uiowa.edu.