Department of Information Security
The Department of Information Security serves as fundamental technical safeguard for The University of Tennessee Health Science Center. We promote an environment of great ethical standards and observe numerous regulatory risks by:
- Advancing effective ways to prevent security risk through collaboration with the university community
- Educate employees and the student body concerning their role in the University of Tennessee Health Science Center information security program(s).
- Identifying security risks faced by the University.
- Encouraging an ethical environment that encourages information security preventions
- Promoting constant awareness of information security and the objectives of our security program through outreaching events
- Effective training aimed at the entire UTHSC body in the numerous areas of information security
- Providing a workplace that enables employees to participate in the compliance program without fear of retribution.
Roles and Responsibilities
The Department of Information Security is responsible for planning, executing, and overseeing all staples of computing safety at UTHSC.
The department’s primary responsibilities include the following:
- Ensuring that the University of Tennessee Health Science Center complies with all applicable federal mandates, state, local and university policies and standards
- Preventing, detecting, and reporting civil/criminal conduct concerning computing and abuse violations by its employees, students and/or contractors
- Constructing and carrying out the university compliance risk assessment process (es)
- Assisting departments and areas in operating properly according to their respective compliances by recommending developed controls or providing services such as conveying the need for new procedures, resources, or stronger enforcement or working as a liaison between multiple parties
- Responding to and investing information security incidents
- Collaborating with the University community to develop innovative and effective ways to alleviate compliance risk
- Reporting regularly to the superior UTHSC Compliance & Information Security offices and all other corresponding Compliance offices (e.g. UTSA)
- Upholding the University's Code of Conduct at all times