About OIT About the OIT
Directories Directories
Connect to Network Connect to Network
Network Services Network Services
Security IT Security
Voice Services Voice Services
Cable TV Cable Television
Computing Computing
Information Resources Information Resources
Committees IT Committees
Jobs IT Jobs at UCSB
 
spacer spacer
spacer Office of Information Technology  
spacer
spacer
           
spacer
spacer
spacer view site index contact OIT staff
spacer
spacer
  OIT Home > Security > Final signoff process for Government Licensed Datasets
spacer spacer
 

Final signoff process for Government Licensed Datasets

 

This is the process for obtaining Information Security Officer (ISO) signoff and Senior Official (SO) final institutional sign-off for government licenses to use datasets with personally identifiable information (PII) or personal health information (PHI). Example sources of these data sets include the Institute for Education Sciences and federal or state Departments of Health. All licenses that require security signoff must use this process. The office of Technology and Industry Alliances facilitates this process. Most license signoffs do not require a meeting with the ISO or the SO.

  • First determine if you have special requirements for handling sensitive information. Generally the license documents will specify a range of security controls that must be met in order to qualify for the license. These controls must be in place before the dataset is received, and the controls must be maintained until all sensitive data is disposed of in accordance with the license.
  • Arrange for security controls required by the license with your department. Depending on the dataset these may include door locks off of master, locked storage, PC with required software not connected to the network, and other controls.
  • Complete the required security plan document reflecting the controls that you have established.
  • Obtain all signatures on the license document, the security plan and if required notarized affidavits, within your department. For most licenses this will be the signature and affidavit from the researcher, the faculty sponsor, and all people with access to the locked office that will house the data.
  • Complete the UCSB MTA Incoming form from the Technology and Industry Alliances web site at http://tia.ucsb.edu/wp-content/uploads/2012/11/MTA-Incoming-Form.pdf
  • Most licensors require wet (ink on paper) signatures and original notarizations. Scanned or faxed documents are not acceptable. Send the original signed license, security plan, MTA incoming form, and notarized affidavits to Jenna Nakano in the Office of Technology and Industry Alliances at Campus mail code 2055.
  • The TIA office will verify that all documents have been properly prepared and forward the license, security plan and affidavit to the ISO for final signoff.
  • ISO may contact the researcher, faculty sponsor and/or department IT staff to review or audit security controls before signoff. The ISO reserves the right to inspect or audit security controls at any time during the term of the license to ensure that required controls are maintained.
  • ISO will sign the license, security plan, and complete the notarized affidavit. These original documents will be returned to the TIA office for final processing and transmission to the government agency supplying the dataset.

CIR

  spacer
spacer University of California Santa Barbara Home Page
  Copyright 2003-2017 The Regents of the University of California, All Rights Reserved
Web contactTerms of UseAccessibility
Last modified: 4/29/2014
  spacer