{"id":1725,"date":"2024-08-05T19:54:06","date_gmt":"2024-08-05T19:54:06","guid":{"rendered":"https:\/\/www.tarleton.edu\/security-controls-catalog\/?page_id=1725"},"modified":"2024-09-05T01:21:11","modified_gmt":"2024-09-05T01:21:11","slug":"pt-1-personally-identifiable-information-processing-and-transparency-policy-and-procedures","status":"publish","type":"page","link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/personally-identifiable-information-processing-and-transparency-pt\/pt-1-personally-identifiable-information-processing-and-transparency-policy-and-procedures\/","title":{"rendered":"PT-1: Personally Identifiable Information Processing and Transparency \u2013 Policy and Procedures"},"content":{"rendered":"\n<h1 class=\"wp-block-heading has-large-font-size\">PT-1: Personally Identifiable Information Processing and Transparency \u2013 Policy and Procedures<\/h1>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>Privacy Baseline: &nbsp;<\/strong>Yes&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>Not Required by DIR or TAMUS (Discretionary)<\/strong>&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>Review Date: \u00a0<\/strong>07\/31\/2024\u00a0<\/h2>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><strong>Purpose &#8211;<\/strong>&nbsp;<\/h3>\n\n\n\n<p>The Personally Identifiable Information (PII) Processing and Transparency Policy and associated controls document the requirements for managing risks associated with security and privacy assurance.&nbsp;<\/p>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><strong>Scope and Roles &#8211;<\/strong>&nbsp;<\/h3>\n\n\n\n<p>This policy applies to information resources owned or managed by Tarleton State University (Tarleton). The intended audience includes all involved in hiring and personnel management, the Tarleton Chief Information Officer (CIO), Chief Information Security Officer (CISO), and information resource owners and custodians.&nbsp;<\/p>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><strong>&nbsp;Compliance &#8211;<\/strong>&nbsp;<\/h3>\n\n\n\n<p>PII Processing and Transparency controls are implemented to ensure compliance with the Texas Department of Information Resources (DIR) Security Control Standards Catalog as required by Title 1 Texas Administrative Code <a href=\"https:\/\/texreg.sos.state.tx.us\/public\/readtac$ext.TacPage?sl=R&amp;app=9&amp;p_dir=&amp;p_rloc=&amp;p_tloc=&amp;p_ploc=&amp;pg=1&amp;p_tac=&amp;ti=1&amp;pt=10&amp;ch=202&amp;rl=76\" target=\"_blank\" rel=\"noreferrer noopener\">\u00a7202.76<\/a> and Texas A&amp;M University System (TAMUS) <a href=\"https:\/\/policies.tamus.edu\/29-01-03.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Regulation 29.01.03, Information Security<\/a>.&nbsp;&nbsp;<\/p>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\">I<strong>mplementation &#8211;<\/strong>&nbsp;<\/h3>\n\n\n\n<ul class=\"wp-block-list its-nested-list\">\n<li>The Tarleton CISO, in coordination with information resource owners and custodians, shall develop, document, and disseminate a set of controls that addresses the PII Processing and Transparency for information resources. These controls should:&nbsp;\n<ul class=\"wp-block-list\">\n<li>Address purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and&nbsp;<\/li>\n\n\n\n<li>Be consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines.&nbsp;<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Information resource owners and custodians are responsible for any procedures to facilitate the implementation of the PII Processing and Transparency controls in order to ensure proper security protocols regarding privacy of PII;&nbsp;&nbsp;&nbsp;&nbsp;<\/li>\n\n\n\n<li>The Tarleton CISO, or their designee, shall review and update the PII Processing and Transparency controls as necessary.&nbsp;<\/li>\n\n\n\n<li>Tarleton is subject to Open Records Requests per <a href=\"https:\/\/statutes.capitol.texas.gov\/Docs\/GV\/htm\/GV.552.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Texas Government Code Chapter 552<\/a>.&nbsp;<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><strong>References\/Additional Resources<\/strong><\/h3>\n\n\n\n<p><a href=\"https:\/\/www.whitehouse.gov\/sites\/whitehouse.gov\/files\/omb\/circulars\/A130\/a130revised.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">OMB A-130<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/statutes.capitol.texas.gov\/Docs\/GV\/htm\/GV.552.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Tex Gov\u2019t Code Chapter 552<\/a>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>PT-1: Personally Identifiable Information Processing and Transparency \u2013 Policy and Procedures Privacy Baseline: &nbsp;Yes&nbsp; Not Required by DIR or TAMUS (Discretionary)&nbsp; Review Date: \u00a007\/31\/2024\u00a0 Purpose &#8211;&nbsp; The Personally Identifiable Information &#8230;<\/p>\n","protected":false},"author":1,"featured_media":580,"parent":1514,"menu_order":1,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"inline_featured_image":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"class_list":["post-1725","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"coauthors":[],"author_meta":{"author_link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/author\/brian-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-3\/","display_name":"brian"},"relative_dates":{"created":"Posted 2 years ago","modified":"Updated 2 years ago"},"absolute_dates":{"created":"Posted on August 5, 2024","modified":"Updated on September 5, 2024"},"absolute_dates_time":{"created":"Posted on August 5, 2024 7:54 pm","modified":"Updated on September 5, 2024 1:21 am"},"featured_img_caption":"","featured_img":false,"series_order":"","_links":{"self":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1725","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/comments?post=1725"}],"version-history":[{"count":0,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1725\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1514"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/media?parent=1725"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}