protecting our Information Resources

Computer systems, networks & data are vulnerable to ever increasing cybersecurity threats. These threats have the potential to perpetrate financial fraud & compromise the integrity, availability & confidentiality of the information used by the College & its users.

As such, the San Jacinto College maintains Policies & Procedures & has implemented controls to proactively monitor the College's network to identify potential security threats & quickly respond to security issues. We also offer a variety of services, information & tools to educate the College community about information security, account & system protection.

San Jacinto College & its students, faculty & staff are collectively responsible for helping ensure the College's computing environment is protected from cyberthreats. As a student, faculty, or staff member, you have access to a wealth of security services & tools that help you protect your computer, safeguard personal information & secure sensitive College data.


Our Security Standards

Federal, State & Local Laws require the College to take measures to protect Information Resources against unauthorized access, disclosure, modification, or destruction, whether accidental or deliberate.


The NIST Cyber Security Framework (CSF) is an overarching information security standard used to implement Federal, State & Local Laws & Regulations & is defined by the National Institute of Standards & Technology (NIST) within the U.S. Department of Commerce.


To implement Texas State Law, the College is required to comply with the standards defined by Texas Administrative Code §202 (TAC 202) & Texas Government Code 2054.


Texas State Law specifically requires compliance with the Texas Department of Information Resources (Texas DIR) Security Controls Standards Catalog.


Implementing Texas DIR standards should also satisfy other Federal Laws & Regulations given that Texas DIR control standards are based on NIST 800-53 standards.


Texas State Prohibited Technologies Policy. On December 7, 2022, the Governor of Texas  required the College to ban the video-sharing application TikTok from all state-owned & state-issued devices & networks over the Chinese Communist Party’s ability to use the application for surveilling Texans. Governor Abbott also directed the Texas Department of Public Safety (DPS) & Texas DIR to develop a plan providing state agencies guidance on managing personal devices used to conduct state business. The College is also required to remove other prohibited technologies which are on the DIR prohibited technology list.


Texas State Information Security Program

Pursuant to Texas State Law, the College is required to adopt the state’s Information Security Program that establishes formal cybersecurity governance, testing, controls, enforcement, & regular assessment & reporting to Texas DIR.

Click the button to learn more about the College’s Information Security Program.


Our Policies & Procedures

San Jacinto College maintains Policies & Procedures that protect the integrity of the College's mission & operations.

Click the button to learn more about the College’s Policies & Procedures.

Outlined below are a selection of (not limited to) the Policies & Procedures that protect the College Information Resources & the acceptable use of such Information Resources.


Information Resources

The below policies & procedures are currently in effect:

Policy III.3010.A, Information Resources

The purpose of this policy is to describe the requirements and expected responsibilities of the College to protect its Information Resources, and the conditions for acceptable use of College Information Resources by the College’s Users.

Procedure III.3010.A.a, Information Security Program

The College’s Information Resources are vital academic and administrative assets that require appropriate safeguards. Computer systems, networks, and data are vulnerable to ever increasing cybersecurity threats. To combat these threats, Federal and State Laws require the College to take measures to protect Information Resources against unauthorized access, disclosure, modification, or destruction, whether accidental or deliberate.

Procedure III.3010.A.b, Cybersecurity Risk Management

The College is required to protect its Information Resources and Protected Data from unauthorized disclosure, alteration, or destruction by performing due diligence through the accomplishment of Cybersecurity Risk Assessments.

Procedure III.3010.A.c, Cybersecurity Incident Response

The Incident Response Procedure (IRP) serves as the foundation for the College’s response to cybersecurity incidents. Specifically, this Procedure grants the College’s Chief Information Security Officer (CISO) the authority to appoint a Cyber Incident Response Team (CIRT) in response to actual or suspected information privacy or security event/incidents. The CIRT then has authority to investigate, respond, mitigate, and report such incidents as required by Federal and State Laws.

Procedure III.3010.A.d, Prohibited Technologies

This Procedure refers to the College’s “Security Plan for Prohibited Technologies” and “Prohibited Technologies Security Policy” as required by Texas State Law.

Procedure III.3010.A.e, Data Security

This Procedure describes the requirements and expected responsibilities for identifying, classifying, and applying the appropriate security controls to the College’s data. The College’s Information Resources are vital academic and administrative assets that require appropriate safeguards.

Procedure III.3010.A.f, Acceptable Use of Information Resources

The purpose of this Procedure is to describe the conditions for Acceptable Use of Information Resources provided by the College to the User. The College maintains control, insofar as is practicable, over its Information Resources to ensure a secure and efficient operation of such Information Resources to support College Business and further the College’s mission. In general, use of such Information Resources to conduct College Business is regarded as Acceptable Use.


Records Management & Confidentiality

The below policies & procedures are currently in effect:

Policy VI.6000.A, Student Records Management

The purpose of this policy is to state the types of records maintained by San Jacinto College (the College), define the terms associated with these various types of records, and explain the process for amending records.

Policy VI.6000.B, Confidentiality of Student Records

The purpose of this policy is to inform students & staff about the types of student records maintained at San Jacinto College, to inform students of the rights they have related to the review & disclosure of their records per federal & state legislative mandates, & to inform employees regarding processes for treating student records with the utmost care.

Policy VI-K: Policy Regarding Appropriate Use of Copyrighted Materials

It is the policy of the College to comply with federal and state laws regulating the use of copyrighted, patented, trademarked, and other proprietary materials in all forms, including in print or other hard copy, in any electronic form, or on audio or video recording.

Policy VI.6004.A, Compliance with Health Insurance Portability and Accountability Act (HIPAA)

This policy will inform students and employees that San Jacinto College complies with the HIPAA related policies of the hospitals and clinics with whom the College is affiliated.

Policy III.3001.J.a, Records Management

In compliance with the Texas Local Government Records Act, the College adopted a records management program for the management of local government records.

Policy III.3006.A, Use of Recording Devices by Employees and Students

This policy pertains to all types of electronic devices, including, but not limited to, cellular telephones, digital cameras, stand-alone video cameras, internet accessible webcams, video recorders, audio recorders, electronic tablets, and software designed to monitor computer use by a specific user. This policy applies to all employees, students, and individuals acting on the behalf of a student or employee.

Website Privacy Policy & Statement of Information Disclosure Practices

The San Jacinto Community College District is committed to ensuring the privacy and accuracy of information shared by individuals who access the College’s website and services. This Notice describes the College’s website privacy procedures, web linking practices, and other practices of the College as they relate to the collection of electronic information. This Notice is not a contract and may be revised or updated at any time by the College.


Ethical Conduct

The below policies & procedures are currently in effect:

Policy III.3003.A, Ethical Conduct and Conflicts of Interest

The College expects its trustees and employees to act ethically and with the sole purpose of advancing the best interest of the College and its constituents. All persons who represent the College have the responsibility to do so with a high standard of personal and business ethics that protects the integrity of the College at all times.

Policy III.3003.B, Prevention of Fraud and Fraudulent Actions

This policy statement is intended to increase the awareness of all employees regarding the prevention of fraud; to establish responsibility for the detection, reporting, and examination of suspected fraud; to establish guidelines for processing allegations of fraud in a fair and consistent manner; and to ensure that the Chancellor and the Board of Trustees receive proper notification of substantiated cases of fraud occurring within the College.

Policy IV-B.1.a: Policies on Equal Opportunity

It is the policy of the San Jacinto College to provide an educational, employment, and business environment free of discrimination based on race, creed, color, national origin, citizenship status, age, disability, pregnancy, religion, gender, sexual orientation, gender expression or identity, genetic information, marital status, or veteran status.

Policy VI-L: Policy on Use of Equipment

Equipment belonging to San Jacinto College District should not be removed from the campus. Certain items that are used by the faculty for off-campus events should be checked out for that purpose after approval has been obtained from the campus President.


Other Policies & Procedures

Click the button to learn more about all College Policies & Procedures


Mandatory Annual Cybersecurity Training

Click the button learn more about mandatory cybersecurity training at San Jacinto College.

The amendment to Texas House Bill 3834 relating to the requirement that certain state & local government employees & state contractors complete a cybersecurity training program certified by the Department of Information Resources. This amendment was passed on 2019-06-14 & made effective immediately.


Need More Help?

Contact TechSupport@sjcd.edu (281) 998-6137 to report immediately any incident of phishing, computer & information theft, or online fraud.