A message from Dermot Kelleher, Dean, Faculty of Medicine and Vice-President, Health, UBC.
I am pleased to share the Faculty of Medicine Information Technology Governance & Cybersecurity Policy and Procedures, which was finalized and approved late last year.
Information technology is a crucial enabler for our educators, scientists, learners, and staff. Cybersecurity now presents one of the top risks to the institution, and health research in particular has been identified by national security agencies as a target for intellectual property theft.
The Faculty of Medicine has developed and approved this policy to reduce risk to the Faculty, UBC and our Health Authority partners who host academic activities. The Policy and related procedures apply to all Faculty of Medicine units.
The new Policy:
- Provides clarity on the application of UBC Policies in all Faculty of Medicine units and environments, particularly locations outside of the UBC Vancouver campus;
- Defines reporting requirements of all staff and contractors performing IT-related duties;
- Clarifies procedures to ensure compliance with UBC IT related policies and standards; and
- Promotes efficient and effective use of technology resources within the Faculty.
The Information Technology Governance & Cybersecurity Policy and Procedures document was developed and revised through a comprehensive stakeholder engagement process, led by the Faculty of Medicine Digital Solutions unit. Stakeholders including senior leadership and administrators across Faculty of Medicine departments, schools, research centres/institutes and administrative units, as well as Faculty-wide finance and information technology teams, provided input and feedback through a range of consultations.
In alignment with UBC’s Information Security Compliance Program, and the Policy & Procedures, all Faculty of Medicine units with their own IT systems will be required to complete a self-assessment of their compliance with Essential Controls. Affected unit IT and administrative leads will be invited to an introductory meeting to the process in the coming months. Departments supported by Digital Solutions will be handled centrally, but will also participate.
Please familiarize yourself with the new policy (available on MedNet) and circulate it with your team’s IT lead. The Digital Solutions Information Security team will be working closely with units directly affected by the new policy to assist with its implementation and the self-assessment process. If you have any questions, please contact the Deputy CIO-Medicine Office at dcio.medicine@ubc.ca.
This message was sent to the Dean’s Executive Team, Department Heads, School Directors, Regional Associate, Associate and Assistant Deans, Centre/Institute Directors, Administrative Service Unit Directors and Senior Administrators.