|Oversight Unit:||INFORMATION TECHNOLOGY-TECHNICAL SERVICES|
|This policy has a related procedure. Click to view the procedure below.|
|This policy has a related guideline. Click to view the guideline below.|
This policy protects university data when it is entrusted to a third party.
All university personnel who contract with vendors who store, process or transmit university data defined as ‘confidential’ by the university’s Data Classification Policy.
As a condition of doing business or continuing to do business with NMU, vendors that store, process or transmit confidential data, must agree to the data protection criteria as provided in the university’s Vendor Privacy Agreement. Exceptions to this policy may only be granted by the University’s Committee on Information Security Operations.