Web Servers: Appropriate Use

Policy

KUMC web servers are provided only for the distribution of information services and resources to the KUMC community and to the general public.

Purpose

Web servers are located outside the University's private network and, thus, are more vulnerable to intrusion and other forms of security compromise. The purpose of this policy is to ensure that only information intended for general distribution (whether to the KUMC community or to the public) is stored on web servers.

Resources covered

All KUMC web servers and all files, applications, forms, and other information services and resources available on those servers.

Groups covered

KUMC faculty, staff, and students and all other individuals provided accounts on KUMC web servers.

Definitions

KUMC web server: www.kumc.edu, www2.kumc.edu, elearning.kumc.edu, wichita.kumc.edu and the database servers, application servers, and other devices that provide services to them; and other domains hosted on these servers.

Sensitive information: information that is protected by law or susceptible to fraudulent use, including, but not limited to: Protected Health Information (PHI), personal directory information about students and employees including home addresses and phone numbers, financial data associated with individuals, social security numbers, credit card numbers, bank and credit union account numbers, health insurance plan identification numbers, trade secrets or intellectual property, and unauthorized copies of copyrighted materials.

Exemptions

This policy applies to everyone at all campuses and sites of the University of Kansas Medical Center. There are no exemptions.

Procedures

General procedures

All materials on KUMC web servers should either be accessible through menus or embedded links or should be in preparation for such accessibility. No other material of any kind should be stored on KUMC web servers, including (but not limited to) personal files, business-related files, audio and video files not linked to a web page, back-up copies of files or desktop hard-drives, commercial software, and material downloaded from other web servers.

Information intended for the KUMC community only should be IP restricted (making it inaccessible to the public). If such information is intended only for selected individuals, it should either be password-protected or distributed by other means.

All material on our web servers, linked or unlinked, will be found, indexed, and presented in response to related searches by our search engine and by public search engines unless specifically protected. Consult with the Department of Internet Development about protecting information in preparation for publication but not yet published.

Sensitive information and KUMC web servers

KUMC web servers must not be used to store or display information that is protected by law or susceptible to fraudulent use. They should be used to collect and transmit such data only when appropriate security measures have been taken. Examples of this sensitive information include:

  • Protected health information (governed by HIPAA)
  • Personal directory data about students (governed by FERPA) and employees
  • Financial data associated with individuals (governed by the Gramm-Leach-Bliley Act)
  • Social security numbers
  • Credit card numbers
  • Bank and credit union account numbers
  • Health insurance plan identification numbers
  • Trade secrets or confidential intellectual property (for example, research-related)
  • Unauthorized copies of copyrighted materials

Files containing sensitive information should be stored only on certified computers inside the private network, and should be encrypted wherever possible.

Web forms for transactions involving sensitive information

Personal information collected from web forms must be transmitted via SSL or secure mail. Web sites collecting personal information must display a privacy statement that describes the kind of information that is collected, how it is to be used, and how it may be disclosed. Web survey subjects must be prevented from viewing any survey records other than their own. Anyone considering collecting or transmitting personal or other sensitive information via a web form must consult with the Internet Development division of the Department of Information Resources.

Credit card payments may be processed on KUMC web servers only with forms developed by the Internet Development Unit using a state-approved third-party handler.

Enforcement

All inappropriate material will be removed from KUMC web servers. Account holders who store inappropriate material will have their accounts disabled. They may also be accountable under any applicable University policies, procedures, or collective bargaining agreements, including disciplinary action.

For related information

Web Development Resource Guide
Web Resource Accessibility Policy

Contact information

Steffani Webb
Associate Vice Chancellor for Information Resources
Chief Information Officer (Interim)
University of Kansas Medical Center
3901 Rainbow Blvd.
Kansas City, Kansas 66160
(913) 588-4900
swebb@kumc.edu

Jameson Watkins
Director of Internet Development
University of Kansas Medical Center
3901 Rainbow Blvd.
Kansas City, Kansas 66160
(913) 588-7387
jwatkins@kumc.edu

Sherry Callahan
Director of Information Security
University of Kansas Medical Center
3901 Rainbow Blvd.
Kansas City, Kansas 66160
(913) 588-0966
scallahan@kumc.edu

Last updated February 2009

Last modified: Jan 22, 2013