I. INTRODUCTION
Data protection necessitates procedures and obligations, as data classified differently in storage, transmission, access, etc. must be safeguarded from disclosure, dissemination, or modification.
Note: The policies and controls of the University of Baghdad are not in conflict with the information security policies and standards document and statements issued by the General Secretariat of the Council of Ministers; rather, they are complementary to them. The policy is updated periodically as necessary.
II. GOAL
Protecting the electronic data stored by the University of Baghdad that pertains to individuals to guarantee data confidentiality and preserve the highest standards of data protection.
III. SCOPE
The systems of the University of Baghdad are subject to this policy, which pertains to all data stored in their accounts.
IV. PROCEDURES & OBLIGATIONS
- The University of Baghdad’s personnel are dedicated to safeguarding the data contained within the systems and follow the information security policies and standards established by the General Secretariat of the Council of Ministers. This is reflected in the policies for managing information systems components.
- In the event of a need for backup copies, all electronic data is stored on its own systems.
- Specific procedures are in place to manage and secure personal data in databases and documents.
- The most secure areas of the network are where confidential and purely confidential information is stored.
- The University of Baghdad is dedicated to the protection of user data and disclaims liability if it is disclosed or revealed by the individual or for hazardous use by those who work on its systems.
- The University of Baghdad is dedicated to adhering to Google’s policies regarding the appropriate and secure use of its electronic accounts and the protection of its accounts.
- The data and its content may only be handed over or viewed by an external party or a party within the university that does not have a direct relationship with the data, provided that the University President, the Manager of Information Security, and the System Manager have granted their approval.