IT security at U-M is a shared responsibility, with rights and responsibilties spelled out in policies and standards, regulations, and contractual agreements.
U-M IT Policies & Standards
- Information Technology Policies. Policies and standards that govern IT and data protection at all U-M campuses and Michigan Medicine.
Sensitive Data Policies and Regulatory Compliance. Federal and state laws and regulations, as well as industry standards, require U-M to apply certain security safeguards around various categories of sensitive institutional data.
ITS Suite of HIPAA Policies. ITS HIPAA policies that can be adapted for use by other U-M departments or units.
Internal Control Annual Certification Process. Requires unit leadership to annually certify level of compliance with particular security practice or process.