2014 Faculty Conference: the emerging problem of compliance on campus

The emerging problem of compliance on 

campus

T. Boyd & R. Flintoft

2

University Issues in the Spotlight

3

“But, we do what we think is the right

thing.”

Area # Statutes  & Regs Academic Programs 19 Accounting 18 Accreditation 1 Admissions 12 Athletics 5 Campus Safety 19 Copyright & Trademark 8 Disabilities 39 Enviro Health & Safety 40 Ethics 5 Area # Statutes  & Regs Export Controls 4 Financial Aid 25 Grants Management 14 Human Resources 44 Information Technology 14 IP & Tech Transfer 8 Lobbying 6 Privacy & Info Security 24 Research 11 Sexual Misconduct 12 4

Is doing the “right thing” enough?

Consider the Clery Act (1990) – To receive federal funds,  Universities must: • Maintain information for crimes on/near campus, • Publish annual reports including crime statistics,  security measures and crime reporting protocols. Modified and expanded via legislative actions: 2013 VAWA Act – • Include in crimes reported domestic violence, dating  violence, and stalking, • Expands definition of reportable hate crimes, • Requires establishment of educational prevention and  awareness programs, and • Develops step‐by‐step procedures for reporting,  investigating and adjudication. 2014 Campus Accountability and Safety Act (Proposed) –

5

DoD Voluntary Education Partnership

Memorandum of Understanding



DoD MOU required participation in DoD Tuition Assistance Program. 



Program provides tuition assistance to active‐duty military, immediate 

family.



Mines currently enrolls <5 eligible students.



While “Voluntary”, what is the external perception of not participating?



The MOU requires ALL participants to subject themselves to –



Increased DoD inspections,



DoD payment procedures,



Rules for transferring credit,



Granting academic credit for military training,



Residency requirements,



Personalized cost of education access requirements, 



Personalized advising requirements, and



Extensive, service‐specific reporting requirements. 6

Increasingly Intrusive Operational

Oversight: CDC Security Requirements



Recent contract awarded through NIOSH which is part of CDC. 



Contract requires standard CDC computer security processes.



These include –



Compliance with “Federal Desktop Core Configuration” standards,



Compliance with “Federal Information Processing Standards” including encryption,



Use of Key Management Key to decrypt and recover all encrypted information,



Securely managed encryption keys,



Incorporate all of the above into a control system or establish a separate procedure  for all computers and mobile devices that store or process sensitive information,



Provide CDC copy of Mines IT Security Plan and details of our approach to security,  and finally,



Provide written prove to CDC that IT Security and Accreditation was performed for  applicable systems.

Certification of all of these requirements is needed prior to the awarding of 

funds.

7

Export Control Requirements



Government regulations controlling certain restricted equipment, 

software, chemicals, bio‐agents or technology.



Controls are intended to promote national security and foreign 

policy objectives



Types of exports that are controlled include:



Physical Exports: international shipping or transmission of equipment, 

commodities, technology or data,



Foreign Travel: international travel with equipment or data and travel to 

sanctioned/embargoed countries, and



Deemed Exports: access to controlled equipment or data by foreign 

nationals inside the US (

i.e., student, visiting scholars, and conference 

attendees

).



Penalties associated with non‐compliance are significant. Criminal 

penalties can be as much as $1M and 20 years imprisonment.

8

Export Controls – Faculty Resources



Government Reference:

http://www.export.gov



ORA website:

http://inside.mines.edu/RES‐Export‐Control.html



On‐campus Training Opportunity:

September 11, 2014

12 noon, Petroleum Hall, Green Center

Nelson Dong

Export Control Counsel for Dorsey & Whitney

9

Example: Sexual Violence

Title IX

, Campus Save Act and more…

10

Example: Sexual Violence

Title IX,

Campus Save Act

and more…



Enacted in March 2013, amends the Clery Act



Requires primary prevention and awareness

programs – for all incoming students and all

faculty/staff



Includes sexual assault,

domestic violence, dating violence,

and stalking



October 1, 2014 deadline

11

Example: Sexual Violence

Title IX, Campus Save Act

and more…



White House Task Force to Protect Students from

Sexual Assault



April 2014 report, titled “Not Alone”



Significant recommendations regarding victim rights and

university responsibilities



Focus on enforcement transparency



www.notalone.gov



Campus Accountability and Safety Act (proposed)



Even more requirements for higher ed



Fines up to 1% of annual operating budget

12

Mines Compliance Specialists



Jane Rosenthal – Director of Compliance and Policy



Previous Appointments – University of Kansas, Lawrence; Director Privacy 

Office, KU Medical Center Research Institute; Corporate Counsel and 

Contract Officer



J.D. – University of Kansas



Expertise – Privacy, information management and lifecycle, and research 

agreements, licensing, etc.



Karin Ranta‐Curran – Assistant Director HR –

EEO Equity, Title IX Coordinator



Previous Appointments – Kaiser Permanente; 

Employee and Labor Relations Consultant, 

Mountain States Employers Council; Workplace 

Investigator and Staff Attorney, Frontier Airlines; 

Corporate Counsel – Labor and Employment



J.D. – University of Colorado, Boulder



Expertise – Equity and equal employment efforts, 

programs, reporting and compliance. Affirmative