Compliance and Ethics
Training represents a core component of USM's compliance program by providing the information necessary for individuals to understand the laws. Moreover, training promotes an organizational culture that fosters a commitment to compliance with the applicable laws. Within each submenu, you will find information about our training program.
iTech will oversee the rollout of additional compliance courses provided by InfoSec. For questions about cybersecurity training, email infosec@usm.edu.
GET INCLUSIVE COMPLIANCE COURSE SYSTEM
If any law (either Federal or State) or an institutional policy needs to be communicated, The University of Southern Mississippi may elect to use an online system to educate the entire campus community or any group within it. A variety of federal laws affect how the University must handle certain matters and indicate what information needs to be distributed to the campus community as a whole.
Required pursuant to Title IV of the Civil Rights Act of 1964 (42 U.S.C. § 2000c) which prohibits public school districts and colleges from discriminating against students on the basis of sex, among other bases.
Title IX of the Education Amendments of 1972 (Title IX), 20 U.S.C. §§ 1681 et seq., and its implementing regulations, 34 C.F.R. Part 106, prohibit discrimination on the basis of sex in education programs or activities operated by recipients of Federal financial assistance.
Required pursuant to the Drug-Free Schools and Communities Act (as articulated in the Education Department General Administrative Regulations (EDGAR) Part 86.1 of the Drug-Free Schools and Campuses Regulations), which requires Institutions of Higher Education that receive Federal funds or financial assistance to develop and implement a program to prevent the unlawful possession, use, or distribution of illicit drugs and alcohol by students and employees.
Each of the laws below requires cybersecurity training:
Gramm-Leach-Bliley Act (GLBA)
The Act applies to universities that act as financial institutions by taking payments and
are therefore required to implement safeguards to protect consumer information. The
Act requires personnel to be provided with updated security awareness training as
necessary to reflect risks identified by a risk assessment.
Health Insurance Portability and Accountability Act (HIPAA)
The Act applies to organizations creating, receiving, storing and transmitting "Protected
Health Information." Organizations are required to implement a security awareness
and training program for all members of the workforce (including management) and must
do so on an ongoing basis.
Payment Card Industry Data Security Standard (PCI DSS)
As an organization accepting credit cards, the University must comply with the requirements
including the requirement to mandate cybersecurity awareness training that makes all
personnel aware of the cardholder data security policy and procedures.
FISMA, FedRAMP, DFARS and CMMC
Any organization supplying goods or services to a federal agency is required to implement
a cybersecurity awareness training program.
The General Data Protection Regulation (GDPR)
Applies to data that is stored or transmitted in the European Economic Union. Under
Article 39 of the GDPR, the Data Protection Officer is tasked with "awareness raising
and training of staff involved in the processing operations." Article 43 of GDPR also
requires data protection training for those with permanent or regular access
to personal data.
SECTION 25-53-201, MISSISSIPPI CODE OF 1972, establishes an Enterprise Security Program for coordinating oversight of cybersecurity across state agencies. State agency directors or agency heads are required to develop a security program, a component of which requires training as part of an overall cybersecurity program, as is best practice for a cohesive program aimed at avoidance of potential threats through cybersecurity awareness.
Questions: For questions, email infosec@usm.edu.
Child Abuse Awareness
Pursuant to USM's Minors on Campus policy, this training is required of each Authorized
Adult/Program Staff member who will be participating in a program covered by the Minors
on Campus policy. In addition to completing the course in Get Inclusive, Authorized
Adult/Program Staff members must also read the Minors on Campus policy, view the USM Minors on Campus course at https://usm-office-of-compliance-and-ethics.screencasthost.com/watch/c3h10YVYS5B, and take the quiz accessible at https://forms.office.com/r/da7jqUAayL. Email complianceFREEMississippi with questions or to obtain a link to the Get Inclusive course.
Financial Conflict of Interest
If your grant funder requires you to obtain institution specific FCOI training, please
email samuel.bruton@usm.edu. Remember, all full-time faculty members must complete
their FCOI Disclosure annually starting each September 1st. Use the following link
to access the FCOI Disclosure: https://apps.usm.edu/research/fcoi/
If any of the content is not accessible using assistive technology, please email complianceFREEMississippi.
Should you have any questions or concerns, please email trainingFREEMississippi.
COURSE COMPLETION FREQUENCY:
Starting with the 2021 rollout of courses, courses will be completed biennially (every 2 years).