...
Requests for access to protected information are reviewed by ITS in consultation with the Office of General Counsel, Chief Information Security Officer, University Controller and all other relevant parties to ensure that appropriate measures are taken to protect University data and carried out in compliance with all applicable laws, regulations and policies.
...