Law and Policy

Please be aware

University policies are often directly influenced by state and federal laws, both of which can have multiple intersecting sets of laws which have to be considered when making security decisions. Here we look at laws and policies relevant to information security, including HIPAA, FERPA, TAC 202, and TXGC 2054. This list is not comprehensive and awareness of all laws and policies is the responsibility of every information resource user at Texas State University. If you cannot find what you are looking for and need further assistance, contact

TXST Security Policies

University security policies exist to create understanding, openness, and clarity around how the ISO operates and provide the authority under which we operate. Policies cover everything from identity and access management to network operations. Familiarize yourself with all university security policies here.

bobcat vector
texas flag

Texas Laws

Texas laws govern much of how the university operates. They mandate the existence of the ISO and provide the legal authority for training requirements, auditing procedures, records retention, and more. Familiarize yourself with relevant security and privacy laws in this section. 

Federal laws

Federal statutes like HIPAA and FERPA are the overarching laws that guide how policy is set around educational and medical records for Texas State faculty, staff, and students. If you deal with HIPAA or FERPA data, please take to learn about those laws and review the links provided here.

HIPAA logo vector
copyright law vector

Copyright Law

Crediting sources is good but it isn't a cure to copyright infringement, because sometimes obtaining permissions or purchasing licenses to use resources is a legal requirement. The Copyright Office can help get answers to your questions about copyright issues at the university. Report copyright infringement to the ISO with the button below.