The IT Security Department at Thomas Jefferson University is the university resource for guidance on IT security related matters. Our goal is to help clarify what IT security measures are necessary in today's rapidly changing regulatory technology environment. This clarification will help ensure the confidentiality, integrity and availability of university systems and data.
While the IT Security department is focused on all aspects of information security, we are particularly focused on facilitating the university’s compliance with specific legal and regulatory requirements. Specifically the IT Security department is focused on the HIPAA Security Rule, FERPA, GLBA, PA State Privacy Laws, PCI, ISO 27002:2005 and NIST 800-33 IT security best practices. The IT Security Department frequently works in conjunction with the University Privacy Officer, University Counsel, the Department of Internal Audit, IS&T and others to provide specific IT security guidance and keep the campus community informed of our responsibilities related to information security.
Customer service, responsiveness and a balanced approach to IT security risk management are the primary decision elements used to guide the direction of the IT security and policy efforts at Jefferson. All information security requirements are designed to provide appropriate security assurance for Jefferson information resources, while preserving and enhancing system access and availability.
The Director of IT Security and Policy acts as Jefferson’s Information Security Officer. The Director of IT Security and Policy chairs the IT Security Committee (comprised of key stakeholders within the Jefferson community), which is tasked with developing and implementing security policies, standards, evaluations, and university-wide security awareness. The Director of IT Security and Policy also coordinates IT security efforts and activities across the university, including Jefferson University Physicians. In collaboration with the University Privacy Officer, The Director of IT Security and Policy works to ensure all HIPAA covered systems are in compliance with the Act.
The Director of IT Security and Policy is available to speak with your team, department, college or other university organization on a variety of information security topics.
The success of Jefferson's Information Security program is not possible without the support of the Thomas Jefferson University, faculty, staff and students. We maintain an open door policy and welcome all comments and suggestions regarding Information Security.
To report an IT Security incident call the IS&T Solutions Center at 3-7975 or use the service request feature to submit a security breach notice.
We are located at:
Thomas Jefferson University
Health Professions Academic Building , 10th Floor
901 Walnut Street
Philadelphia, PA 19107