USEIC Privacy and Data Protection Policies

Establishes the personnel responsibilities and functions within the Data Protection Program and defines key terms and definitions used and referenced by other policies.

USEIC information/data is classified into four categories: Sensitive Data, Confidential Data, Internal Data, and Public Data.

Provides guidance for the appropriate access and use of USEIC information resources, proper conduct when using those resources and privacy expectations.

Defines acceptable methods for business continuity and disaster recovery planning for the Organization's business following the loss of systems that are critical to the operations of a business unit.

Ensures that customers are aware of and understand the nature of the data which USEIC may collect, the use of such data, and how customers can contact the Organization to limit or withdraw the right of such data. This policy also generally outlines the steps which USEIC takes to protect customers' personal data.

Provides guidance for the appropriate access and use of USEIC information resources, proper conduct when using those resources and privacy expectations.

USEIC workforce members will receive educational information related to the regulatory requirements of the Personal Data Protection Act of 2012 (PDPA), and complete PDPA training including information about USEIC Privacy and Data Protection programs.

Establishes the responsibilities of the Organization Response Team (ORT) for handling all aspects of a data breach incident and also provides an incident response checklist to triage the data breach.

Provides guidance for proper use of email, necessary actions for sending sensitive data via email and privacy expectations.

Describes the process of establishing, documenting and reviewing appropriate access to USEIC information resources and logging requirements.

Establishes the Records Retention Schedule, lists the types of organizational records and their retention period, and provides a framework for the life cycle management of organizational records.

Defines the requirements that all network, communications and telecommunications-related equipment and devices, including cabling, be installed and maintained by USEIC's authorized network and technology support groups.

Provides general protection requirements for desktop and laptop computers, mobile devices and any endpoints that contain USEIC data.

Describes the requirements for appropriate and approved use of externally hosted USEIC Systems and/or Data.

Provides guidance on what to include in a downtime announcement and how to communicate upcoming maintenance windows to users.

Describes the requirements for the security controls that protect systems that process, transmit and/or store USEIC data.

It is the policy of USEIC to obtain an External Vendor Agreement (EVA) from a business vendor, service provider or a non-workforce member individual that will have access to Personally Identifiable Information (PII) in compliance with the requirements of the Personal Data Protection Act of 2012 (PDPA).

Defines the requirements for appropriate data deletion and proper disposal methods to be used when discontinuing use of USEIC's devices.