Summary
If a UWM campus unit receives a “data breach” notification from its IT service vendor, the affected UWM campus unit must immediately notify UWM’s Chief Information Officer and Chief Information Security Officer. To do so, an email message should be sent to this address: abuse@uwm.edu.
UWM must comply with UW System policy provisions and formal campus procedures on “incident response.” Moreover, in the event of a verified data breach, UWM must adhere to statutorily-required time limits for sending victim notifications.
UWM campus leaders should regularly share information on this required practice with relevant colleagues in their respective schools, colleges, and divisions.
Authority: Pursuant to Regent Policy Document 25-5 and UW System Presidential Directive, the CIO is currently the Chancellor-appointed “Information Security Designee” for our campus. As Designee, the CIO has individual responsibility for “all the information technology environments” used by UWM.