POLICY RESOURCES POLICIES www.Google.com American Library Association http://www.ala.org/ Educause Focus Areas and Initiatives, Policy and Security http://www.educause.edu/focus-areas-and-initiatives/policy-and-security SANS Information Security Policy Templates http://www.sans.org/security-resources/policies/ Missouri School Board Association Law-Policy-Labor Relations, Education Policy Services http://www.msbanet.org/law-policy-a-labor-relations/education-policy-services.html Acceptable Use Policies in the Web 2.0 and Mobile Era http://www.cosn.org/Default.aspx?TabId=8139 Developing and Writing Library Policies and Procedures http://www.fdlp.gov/home/repository/doc_download/699-how-to-develop-a-write-library-policies-andprocedures STATUES, REGULATIONS, CONTRACTS Library Records Retention Schedule http://www.sos.mo.gov/archives/localrecs/schedules/pdf/Library.pdf Missouri Statues regarding confidentiality of records, protection of children, and data breach notification RSMo 182.815 Disclosure of library records, definitions. http://www.moga.mo.gov/statutes/C100199/1820000815.HTM RSMo 182.817 Disclosure of library records not required – exceptions. http://www.moga.mo.gov/statutes/C100-199/1820000817.HTM Updated March 4, 2013 POLICY RESOURCES RSMo 182.825 Definitions. (as used in sections 182.825 and 182.827) http://www.moga.mo.gov/statutes/C100-199/1820000825.HTM RSMO 182.827 Responsibilities of public schools and public libraries with public access computers— rulemaking authority—immunity from liability, when. http://www.moga.mo.gov/statutes/C100199/1820000827.HTM RSMo 573.010 Definitions (as used in section 573.060) RSMo 573.060 Public display of explicit sexual material. http://www.moga.mo.gov/statutes/C500599/5730000060.HTM RSMo 407.1500.1 Definitions--notice to consumer for breach of security, procedure--attorney general may bring action for damages. http://www.moga.mo.gov/statutes/C400-499/4070001500.HTM CIPA USAC CIPA requirements http://www.usac.org/sl/applicants/step06/cipa.aspx ERATE Central http://www.e-ratecentral.com/CIPA/cipa_policy_primer.pdf Copyright Copyright Law of the United States http://www.copyright.gov/title17/circ92.pdf Copyright Crash Course, Copyright in the Library http://copyright.lib.utexas.edu/l-intro.html Know Your Copyrights, Resources for Teaching Faculty http://www.knowyourcopyrights.org/resourcesfac/faq/ FERPA http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html HIPAA US Department of Health and Human Services, Health Information Privacy http://www.hhs.gov/ocr/privacy/ PCI PCI Security Standards Council https://www.pcisecuritystandards.org/ Updated March 4, 2013 POLICY RESOURCES MOREnet REAL http://www.more.net/content/real-policies Service Policies http://www.more.net/content/service-policies RISK ASSESSMENT FRAMEWORK NIST Special Publications (General) http://csrc.nist.gov/publications/PubsSPs.html Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach SP 800-37 Rev. 1 http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37rev1-final.pdf Microsoft Security Risk Management Guide http://www.microsoft.com/en-us/download/details.aspx?id=6232 CERT OCTAVE Resources http://www.cert.org/octave/ SANS http://www.sans.org/ (Search “risk assessment” in the search box.) COMPLAINCE FRAMEWORK Unified Compliance Framework https://www.unifiedcompliance.com/ Updated March 4, 2013