Skip to navigation content (Press Enter).

Factors Affecting Best Practices

It is the responsibility of McMaster University to consider the implications of unauthorized disclosure, modification, or destruction of data and/or information, or disruption to service on the servers for which they are responsible. System administrators and data owners should understand the importance of their systems within the context of many internal and external factors.

Understanding the factors that provide the context for security is key to understanding the value of a system, server or information. IT Security has identified the following six factors, three external and three internal, as being the primary focus of information security at McMaster University:

FIPPA ...

The Ontario Freedom of Information and Protection of Privacy Act requires organizations appropriately safeguard personal information, i.e., any information that uniquely identifies an individual, defined by the act as:

  • information relating to the race, national or ethnic origin, colour, religion, age, sex, sexual orientation or marital or family status of the individual,
  • information relating to the education or the medical, psychiatric, psychological, criminal or employment history of the individual or information relating to financial transactions in which the individual has been involved,
  • any identifying number, symbol or other particular assigned to the individual,
  • the address, telephone number, fingerprints or blood type of the individual,
  • the personal opinions or views of the individual except where they relate to another individual,
  • correspondence sent to an institution by the individual that is implicitly or explicitly of a private or confidential nature, and replies to that correspondence that would reveal the contents of the original correspondence,
  • the views or opinions of another individual about the individual, and
  • the individual’s name where it appears with other personal information relating to the individual or where the disclosure of the name would reveal other personal information about the individual; (“renseignements personnels”)

The act requires that personal information collected by any organization must be protected from inappropriate disclosure, and also must be available to the individual upon request.  As such, it is the responsibility of McMaster University system administrators and data owners to appropriately safeguard the confidentiality and integrity of personal information under their care and control.

For more details please visit the website of the McMaster University Secretariat:
http://www.mcmaster.ca/univsec/

PHIPA...

The Ontario Personal Health Information Protection Act requires organizations appropriately safeguard personal medical information, i.e., any information that uniquely identifies an individual, defined by the act as:

  • relates to the physical or mental health of the individual, including information that consists of the health history of the individual’s family,
  • relates to the providing of health care to the individual, including the identification of a person as a provider of health care to the individual,
  • is a plan of service within the meaning of the Home Care and Community Services Act, 1994 for the individual,
  • relates to payments or eligibility for health care, or eligibility for coverage for health care, in respect of the individual,
  • relates to the donation by the individual of any body part or bodily substance of the individual or is derived from the testing or examination of any such body part or bodily substance,
  • is the individual’s health number, or
  • identifies an individual’s substitute decision-maker. 2004, c. 3, Sched. A, s. 4 (1); 2007, c. 8, s. 224 (6); 2007, c. 10, Sched. H, s. 2

The act requires that personal medical information collected by any organization must be protected from inappropriate disclosure, and also must be available to the individual upon request.  As such, it is the responsibility of McMaster University system administrators and data owners to appropriately safeguard the confidentiality and integrity of personal medical information under their care and control.

For more information please visit the website of the McMaster University Secretariat:
http://www.mcmaster.ca/univsec/

PCI-DSS...

The Payment Card Industry Data Security Standard is an industry standard

McMaster University and its merchants are required to safeguard all payment card information used and/or collected while processing transactions.

For more information please visit the McMaster University Financial Affairs department website: http://www.mcmaster.ca/bms/BMS_FS_Payment_Card.htm

Forward with Integrity...

In keeping with the principles and priorities outlined in Forward with Integrity, it is incumbent upon McMaster University system administrators to assure the availability, integrity and confidentiality of information and systems in their care.  Continued access to accurate information is key to cultivating the interdisciplinary and multidisciplinary cooperation described by President Deane in his letter.

To read McMaster University President Patrick Deane’s letter to the community, please visit the Office of Public Relations: http://www.mcmaster.ca/opr/html/discover_mcmaster/presidents_message/integrity.html

Vision 2020...

In keeping with the principles and priorities of Vision 2020, specifically SD3: Modernization and Simplification of Infrastructure and SD5: Technology Risk, it is incumbent upon McMaster University system administrators to assure the confidentiality, integrity and availability of information and systems in their care.

To read McMaster CIO John Kearney’s vision please visit the UTS Strategy website:
http://www.mcmaster.ca/uts/staff/johnkearney/uts_strategy.html

Organizational Reputation...

It is the responsibility of system administrators to assure the integrity and availability of the information on McMaster University public facing systems, and to protect them from vandalism and denial of service.

Service Bulletins

Citrix Receiver Client Update

UTS asks Citrix users to upgrade Citrix Receiver Client to the most current version by February 28, 2017. See UTS Citrix website for installation and removal information.


Mosaic Upgraded Interface

Service Desk

Client Self Service:
https://servicedesk.mcmaster.ca
Hours: Monday - Friday
8:30 am - 4:30 pm
Phone: 905-525-9140 x24357 (2HELP)
Email: uts@mcmaster.ca
Location: Main Campus BSB Rm. 245
Service Catalogue:
http://www.mcmaster.ca/uts
-->

Great Idea Site

Great Idea