Policies
OHSU's Information Technology Management Policy (No. 11-10-001) states that the Information Technology Group (ITG) shall have overall responsibility for providing information technology (IT) resources to support the OHSU missions at the direction of the President and the Executive Vice President.
Standards for application, development, maintenance, and security shall be created and revised by ITG management.
Technical Directives
| Roles and Responsibilities | Number | Effective Date |
|---|---|---|
| Department IT Responsibilities | 05-9802 | January 1998 |
| ITG General Responsibilities | 05-9803 | January 1998 |
| ITG Standards | ||
| Standardization of Core Applications | 15-9801 | January 1998 |
Related policies, procedures, and forms
Acceptable Use of Computing and Telecommunications Resources
Information Technology Management
Definitions for the levels of support provided for ITG services
Public Network Subdirectory [restricted]
Use of "Transfer" Network Subdirectory [restricted]
Network Port Retrieval (jack cools) [restricted]
Records Retention
REPORTING SECURITY INCIDENTS
- What is an information security incident?
- Any unauthorized attempted or successful access, use, disclosure, or destruction of information, or interference with system operations.
- Examples include viruses, worms, hackers, password sharing, copyright violations, piracy, and computer or device theft.
- For more detailed information regarding Information Security Incidents review the OHSU Information Security Incident Reporting Procedures.
- Reporting of suspected or known information security incidents is a critical component of OHSU’s information security program. All OHSU users are required to report such incidents and may do so either by name or anonymously.
- Where do I report misuse of email?
- For inappropriate email such as spam, porn, news lists, other unwanted or inappropriate email, sign up for the Anti-Spam filter. You must login with your OHSU user ID and password to set this up.
- Note: All new accounts are automatically enrolled in the Anti-Spam filter.
- If the issue is not resolved through the first two methods, forward the inappropriate email to the Help Desk. Please note what action you'd like the Help Desk to take. The Help Desk will assess what can or cannot be done and advise or escalate as appropriate.
- For inappropriate use or policy violations, such as inappropriate workplace behavior, general disrespect, Code of Conduct violations, or Acceptable Use Policy violations, report the incident to the OHSU Integrity Office at 4-8849 or oips@ohsu.edu. Reports can also be made anonymously to the OHSU Compliance Line at 877-733-8313.
- Where do I report strange computer behavior?
- If your computer is responding very slowly to your typing, if unexpected windows pop up on your screen, if your Web browser suddenly doesn't open to your default home page, or if there's some other strange behavior, your computer may have a virus or malware on it.
- Run a virus scan using McAfee VirusScan.
- Download and run Spybot Search & Destroy to remove malware. If the strange behavior persists, contact the Help Desk: 4-2222
- Run a virus scan using McAfee VirusScan.
- Where do I report security breaches involving sensitive information such as patient information, student information, or employee information?
- The Office of Integrity handles incidents like these:
- unauthorized access, use or disclosure of electronic restricted information
- electronic fraud
- copyright violations and piracy
- Contact the Office of Integrity at 4-8849.
Reports can also be made anonymously to the OHSU Compliance Line at 877-733-8313. - Where do I report lost or stolen equipment?
- Call Public Safety immediately: 503-494-7744.
- If the lost or stolen equipment included any restricted information (protected health information, student information, employee information), also contact the OHSU Integrity Office at 4-8849 or oips@ohsu.edu.
