Third Party Data Transfer Procedure
For Students, Faculty, Staff, Guests, Alumni
This procedure standardizes how data is transmitted/transferred between the University’s IT Resources and a third party.
This IT document, and all policies referenced herein, shall apply to all members of the University community, including faculty, students, administrative officials, staff, authorized guests, delegates, and independent contractors (the “User(s)” or “you”) who use, access, or otherwise employ, locally or remotely, the University’s IT Resources, whether individually controlled, shared, stand-alone, or networked.
Transmission of data to or from the University, and a third party, must be reviewed and approved by Information Security and Assurance (ISA), per the Third-Party Data Transfer policy.
The requestor must submit a service request on EasyVista from the Tech Help tab on fordham.edu to initiate a third-party data transfer request. Click Submit a Request.
- Type “Third Party Data Transfer” in the search field under “Request Catalog.”
- Click “More.”
- Click “Request It.”
- Complete all the required fields on the request form.
- You may use the Additional Information text box to provide the processors' details that are not included in the form (e.g., additional contacts, specific instructions, notes).
- Click “Ok.”
- EasyVista notifies all related parties of the request via email.
- Information Security and Assurance will have the opportunity to review the submission and either approve or reject the request.
- If the request is rejected, all parties mentioned in the request ticket will receive an email notification.
Note: If a request is rejected, you will need to modify your request and submit a new ticket.
IT Resources include computing, networking, communications, application, telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and any related materials and services.
Related Policies and Procedures
- Data in Transit Policy
- Data Classification and Protection Policy
- Data Classification Guidelines
- Third-Party Data Transfer Policy
|Responsible Person||Senior Director, IT Security Operations and Assurance|
|1.0.1||03/18/2020||Updated to statement|
|1.2||02/22/2021||Updated procedure statement|