To ensure compliance with university policies and state and federal requirements, this service provides continuous activities:

• Assessment of university infrastructure, systems, services for compliance ISO 27002, GLBA, Red Flags, NIST 800-171, PCI DSS, HIPAA, and so forth
• Annual ISO 27002 compliance gap analysis for the UNC System security peer-review program
• PCI compliance assessment and validation activities
• HIPAA compliance program management to ensure protection of PHI data
• NIST 800-171 compliance program management to ensure protection of Controlled Unclassified Information (CUI)
• Higher Education Opportunity Act (HEOA) Compliance program management to ensure effective responses to potential violations of the Digital Millennium and Copyright Act (DMCA)
• PowerAmerica Security and Compliance Program (PA SCP) management to ensure that PowerAmerica data on campus (and also on external member locations) are protected as required by the PA SCP Security Policy, Regulations, Rules (PRRs) and SOP Development

For more information or help with this service, please click on the "Help With This Service" button.