Security and Privacy Policies

A large number of federal and state laws affect UW polices on security and privacy.

• Information Security and Privacy Laws and Regulations – A list maintained by the Office of the Chief Information Security Officer.
• University’s Information Security and Privacy Policies – Data stored using a cloud service is still considered a UW record. When using a cloud-based platform, you are responsible for following the University’s Administrative Policy Statements regarding information security and privacy.
• Confidential Data Risk Guide – The UW Confidential Data Risk Guide (CDRG) is intended to help you make informed decisions about protecting UW confidential data. The confidential data type identifies the data entrusted to UW that must be protected according to laws or regulations that bestow an information security or privacy obligation on the UW.