New Florida Statute on Reporting Computer Compromises of Personal Information
Marc Hoit, Interim Associate Provost for IT Kathy Bergsma, UF Information Security Manager
Starting July 1, University of Florida students, faculty and staff will join a growing public gaining privacy rights. Florida House Bill 481 was passed by the Florida legislature this spring which increases your protection.
The university’s IT Security Team and Privacy Office have been working to prepare for the new law. UF falls under Section 817.5681, which requires organizations to notify clients within 45 days of a security breach if their personal information has been compromised. Failure to do so can result in a fine from $1000 per day to a maximum fine of $500,000. Sensitive personal information is defined as a name in combination with a social security number, driver’s license number or financial account number including access security code. Notifications can be sent via the following methods: written, electronic email, conspicuous posting on a website, or statewide media.
Through safe computing, the UF IT Security Team hopes to minimize the number of compromised computers. Running anti- virus software offered free to all UF students, faculty and staff, updating with current patches and using strong passwords are three good ways to improve IT security. More information about UF security can be found at http://infosec.ufl.edu/.
Please share this memo with anyone who stores information on their computer that fits the description of sensitive personal information.