Information Security Program
Home >> Guidance >> Policies

System Security Standard  Find out the standard ways to secure a system at UW Medicine

New Data Stewardship Training  Know your Role and Responsibilities for Confidential Information

How to Encrypt Computing Devices and Electronic Data  How do I encrypt?

Information Security Policies  Home of the Information Security Policies

Departmental Training Materials  Training materials for use in departmental education

Self Service Vulnerability Assessement  Find your Vulnerabilities

Frequently Asked Questions  Find Security related answers

Glossary of Terms  Information Security Term Definitions

Contact the Information Security Team  We are here to Help

Secure Remote Access  UW Medicine Networks Team

UW Office of the CISO  UW Chief Information Security Officers Website

UW Medicine Information Security Policies

UW Medicine has many different laws and regulations that we need to comply with. IT Services - Security has developed information security policies that define the requirements that must be followed at UW Medicine to comply with these laws and regulations. These policies also follow IT Security industry best practices.

The policies are divided into three distinct categories:

  • Electronic Data
  • Computing Devices and Systems
  • Workforce Member

IT Services - Security has developed role based guidance to guide UW Medicine workforce members on how to comply with policy requirements that are related to the role they serve at UW Medicine. If you would still like to view the actual policy documents, the definitions of the policies below are linked to copies of the documents with an additional PDF version if you would like to download them

Electronic Data Policy

This policy defines the requirements around how electronic data can be used at UW Medicine. This includes access to, transmission of, and storage of any type of electronic data. The policy can be viewed on this site here: Electronic Data Policy or the PDF copy is here: Click here for PDF Copy

Computing Devices and Systems Policy

Computing devices are any electronic device that uses electronic data in any way. A system is any device or collection of devices that has a system owner assigned to it. This policy defines how these computing devices or systems can be used at UW Medicine. The policy can be viewed on this site here: Computing Device and System Policy or the PDF copy is here: Click here for PDF Copy

Workforce Member Policy

Per APS 2.4; Workforce members are employees, trainees, students, volunteers, and other entities or persons who perform work for the University. This policy defines requirements for workforce members performing work at or on behalf of UW Medicine. The policy can viewed on this site here: Workforce Member Policy or the PDF copy is here: Click here for PDF Copy

Policy Questions

If you do not find the answers you are looking for or you would like send the Information Security Team a policy question, Please contact the IT Services Help Desk at