MAIN MENU 
DEPARTMENT MENU 
Skip Ribbon Commands
Skip to main content
Sign In

Security

:

Jan18

​​​January 2018: Privacy Is Our Shared Responsibility​

Everyone in our community is responsible for the protection of our customers' privacy and their personal information. However, you don't need to understand the nuances of every privacy regulation currently affecting higher education to tackle data privacy issues on campus. Whether you are working on a data breach response plan, updating institutional policies, collaborating with researchers on a new project, or educating students, faculty, and staff about data privacy, consider teaming up with your institution's privacy officer(s). The privacy officer(s) will be more than happy to lend expertise and help make sure privacy, risk, and information security considerations are carefully weighed.
Know and understand your privacy policies.
 
  • Most institutions have a standard privacy policy, statement, or notice on their website to help visitors understand the practices related to the collection, use, or disclosure of information. Two examples include Indiana University and the University of California, Berkeley.
  • Additional privacy statements or notices may be included in third-party contracts or services offered to students, faculty, and staff (e.g., learning management systems used for classes).
  • Also consider any third-party privacy policies or terms and conditions you may have agreed to as an individual (e.g., Facebook or any other third-party services or apps that aren't officially hosted by the institution through a signed contract).
​Always start with privacy.
 
  • Include privacy in the planning phase of all new projects.
  • If you don't need personal information, don't collect it. You can always ask for more information later.
  • Inform your customers about why you're collecting their personal information.
 
Keep and use data securely.
 
  • Keep personal information confidential and limit access to the data.
  • Make sure you're only using the data the way you said you'd use it. Ensure you get the customer's consent before you use it otherwise.
  • Destroy or deidentify private information when you no longer need it.
  • Know your data breach response plan
Privacy is Good for Business Tips

 

 

 Juan Enriquez: Your online life, permanent as a tattoo

 

 

 Securing the Human

 

 

 TEST

 


Resources
 
Brought to you by the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC).  This EDUCAUSE Review blog is licensed under Creative Commons BY-NC-SA 4.0.​​​​