UW-Madison - IT - Incident Reporting and Response - History
Return to:
- Incident Reporting and Response Policy
- Incident Reporting and Response Procedures
- Incident Reporting and Response Flowchart
- Incident Reporting and Response Template
| Date | Activity |
|---|---|
| Oct 26, 2018 | Revised meta-data to indicate that the policy, procedures, flowchart, and template all need to be reviewed annually and approved by the Chancellor's designee, per UW System Admin Policy 1033. No other changes made. |
| Jan 18, 2018 | Aug 10, 2012 version, maintenance revision B. Updated links, references.
|
| Jan, 2018 | Reviewed Information Incident Response Flow Chart. Needs minor adjustment of activity after triage when no reportable incident is found. |
| Mar 04, 2016 | Revised the incident response flow diagram. Changed "sensitive information" to "sensitive data". Changed "UW-Madison IT Security" to "Office of Cybersecurity". |
| Jan 12, 2016 | Aug 10, 2012 version, maintenance revision A. Migrated to IT Policy KB. Changed "Office of Campus Information Security (OCIS)" to "Office of Cybersecurity". Changed "sensitive information" to "sensitive data".
|
| Aug, 2015 | Migrated to IT.WISC.EDU website. No substantive changes. |
| Jun 19, 2015 | Reviewed. May need to modify incident response procedures by expanding the scope to explicitly include incidents involving HIPAA, PCI, student records, and other special cases. (Note: Reporting and response to such incidents is already occurring, but the procedures do not include enough detail about the special cases.) |
| Jan, 2015 | Migrated to interim CIO website. No substantive changes. |
| Jun 26, 2015 | Revised the incident response diagram. Minor changes. |
| Jun 24, 2014 | Reviewed. May need to add language to make it clearer that the policy applies to HIPAA incidents (other than incidents that are oral and paper only.) |
| Aug 10, 2012. | Revised. Extensive changes. Much more rigorous reporting and response for Restricted Data. Many other changes. |
| Aug 03, 2011 | Sep 24, 2010 version, maintenance revision D. Minor changes to incident response flowchart. No substantive changes. |
| Jun 13, 2011 | Sep 24, 2010 version, maintenance revision C. Minor changes. Revised incident response flowchart. No substantive changes. |
| Dec 17, 2010 | Sep 24, 2010 version, maintenance revision B. Changed policy text from: "special policies and reporting requirements" to "additional policies or reporting requirements", and added human subjects research as an additional example. In the procedures, put UW PD emergency contact (911) ahead of the non-emergency contact. Added metadata link to published policy document. Minor format changes. |
| Dec 02, 2010 | Sep 24, 2010 version, maintenance revision A. Minor format changes. Added link to history. No substantive changes. |
| Sep, 24, 2010 | Revised. Minor revisions to the policy for readability, brevity, consistency, etc. Removed the template triage procedures, which will be maintained as a separate document. Removed the copy of the Sensitive Data Definition, and added a link to it instead. |
| Jun 22, 2010 | Jun 01, 2009 version, maintenance revision C. Updated links. Updated the attached definition of sensitive information. No substantive changes. |
| Jun 06, 2009 | Jun 01, 2009 version, maintenance revision B. Final changes to initial version of the policy and procedures. No substantive changes. (Note: Rev A was drafted but not published.) |
| Jun 01, 2009 | Effective Date. |