Electronic Media Handling Policy

The purpose of this policy is to ensure the protection of electronic media at UTAS-Sur, including storage devices such as USB drives, hard disks, and optical discs (e.g., CDs and DVDs). This is to prevent unauthorized access, theft, and misuse of sensitive information stored on these media. 

This policy applies to all members of UTAS-Sur, whether on a temporary or permanent basis as well as any third parties working with or contracted by the university, it covers all environments where the university’s information systems are operated. 

Information Systems and Educational Technologies Center.

‏Assistant Vice Chancellor for UTAS – Sur.

Any violation of this policy by all members or third parties (suppliers, contractors, business partners, etc.) will be subject to disciplinary and legal actions in accordance with the laws of the Sultanate of Oman, including regulations related to cybersecurity, university’s policies, labor laws, and electronic transactions. 

 Storage of Electronic Media: 

• Electronic media must be stored in a secure environment and location that meets safety conditions. 

• Identification labels should be used for electronic media requiring special handling, ensuring that unauthorized personnel cannot access them. 

• Sensitive data stored on electronic media must be retained for only as long as necessary and then securely deleted to prevent data breaches. 

 

Security of Electronic Media During Movement: 

• UTAS-Sur must ensure the protection of sensitive data on electronic media during movement. 

• A record of data transfers must be maintained to track the movement of sensitive media. 

Reusable Electronic Media: 

• Data on reusable electronic media must be securely erased before reuse to ensure that previously stored information cannot be retrieved. 

• All storage devices (such as hard drives) must be checked to ensure sensitive data has been removed before disposal or reassignment. 

 

 Disposal of Electronic Media: 

• Data stored on removable electronic media must be securely wiped before disposal or reuse. 

• Any media containing sensitive data that is no longer needed must be physically destroyed to prevent unauthorized access. 

• A record of media destruction must be maintained, and responsible individuals should document and oversee the process. 

This policy shall take effect from the approval date.