Please report any problems to wiki-admin(a)lists.wisc.edu or use our support form. For more info Shared Tools KB
Skip to end of metadata
Go to start of metadata
 

Collection of Personal Identity Information via Email

The policy prohibits Collection of Personal Identity Information via Email (COPE). This helps protect faculty, staff and students from phishing scams that pose as requests from the university.

Policy is effective as of Feb 11, 2009, Revised Jun 29, 2009. See: http://www.cio.wisc.edu/policies.

The history of the policy and ongoing implementation activities are documented below.

 

Meeting Schedule

Relevant Future Meetings

Documents

 

To comment on draft documents or any other aspect of IT policy, please add your comments at the bottom of the page in question, or send email to policy@cio.wisc.edu. Comments are welcome on any document at any time.

 

History

 

Activity

06/29/09

Revised language of COPE Policy is adopted. (Policy has been effective with prior language since Feb 11, 2009.)

06/26/09

Comment period ends. No comments received.

06/24/09

Communications meeting. Discussed vetting and communications.

06/18/09

Requested input on draft policy from MTAG, deadline June 26.

06/16/09

Communications meeting. Discussed vetting and communications.

06/12/09

UW-MIST is asked to review the draft policy, deadline June 26.

06/03/09

Revised COPE Plan. Minor changes to draft policy.

05/21/09

PPT Meeting. Revised COPE Plan.

05/20/09

First draft of policy.

05/08/09

Created COPE Plan.

04/06/09

Reported status at the IT Policy Forum.

02/11/09

The CIO sends an email message to all acaddemic and administrative directors outlining the need for the policy as well as alternative means of collecting personal identity information electronically. The announcement puts the policy in effect. Quick action was required in order to allow OCIS to proceed with the educational campaign using the stronger language.

01/2009

The CIO consults with university leaders regarding the need for a policy that UW-Madison will not request personal identity information via email. Leadership also considers alternative methods of collecting the information electronically (for example: through the My UW portal.)

12/2008

OCIS develops Phishing Scam Awareness campaign to help protect faculty, staff and students from phishing schemes that resemble requests from university departments. It becomes increasingly clear that "as a general rule" is not strong enough to be effective.

11/2008

The Credential Safeguarding Taskforce recognizes that the best that can be stated is that as a general rule UW-Madison will not request restricted information via email.

Additional Pages

Contact

 

Contact

  • No labels