Appendix D: Federal Data Security Policies

Appendix D: Related Federal Data Security Policies

This site constitutes a dynamically changing security protocol. This is only the beginning of its possibilities. It is designed to assist Indiana School Boards, Administrators, and Teachers to implement safe data and information systems. As schools develop policies and encounter changing technological systems, there will be a need for amendments to this document. If school districts would like to share documents that could be used on this site as examples, we would welcome that. Suggestions, additions, comments, or questions about this protocol should be directed to the webmaster at <securityinfo@purdue.edu>. Thank you.

The following resources are examples of data security policies on a broader scale:

1. National Institute of Standards and Technology [NIST], Computer Security Resource Clearinghouse, Federal Requirements and Policy Examples (May 4, 2000), http://csrc.ncsl.nist.gov/policies/welcome.html
2. The National Security Telecommunications and Information Systems Security Committee [NSTISSC], Library of Data Security Policy Documents (March 7, 2000), http://www.nstissc.gov/html/library.html
3. Organization of Economic Co-operation and Development [OECD], "Guidelines on the Protection of Privacy and Transborder Flows of Personal Information" (January 5, 1999),    http://www.oecd.org//dsti/sti/it/secur/prod/PRIV-EN.HTM
4. OECD, "Guidelines for the Security of Information Systems," (July 1, 1997), http://www.oecd.org//dsti/sti/it/secur/prod/e_secur.htm
5. OECD, "Implementing the OECD Privacy Guidelines in the Electronic Environment:
focus on the Internet," (October, 1997) http://www.oecd.org//dsti/sti/it/secur/prod/reg97-6e.pdf

Questions? Comments? Suggestions? Additions? Send them to the webmaster at securityinfo@purdue.edu.