fbpx
MENU

INFORMATION COLLECTION AND INFORMATION RELEASE

ALDAR University Policy Library

STANDARD 10. LEGAL COMPLIANCE AND PUBLIC DISCLOSURE
INFORMATION COLLECTION AND INFORMATION RELEASE

Search Document

Keyword(s)

Collection, Use, and Disclosure of Personal Information

It is necessary to record, store, process, and transmit personal information. ADUC takes its responsibilities concerning the use of personal information seriously and seeks to provide functional and secure systems for the appropriate handling of data and information.

 

Handling of Personal Information

Access 

Student and employee information may only be shared with individuals employed by ADUC or its agents who have a legitimate educational or supervisory interest in that information. 

 

Change of Status Information 

If there is a need to change status information, then this should be treated with the same level of confidentiality as the original information, which should be replaced. 

 

Collection of Information 

After appropriate notification, only personal information may be collected. Personal information should be up-to-date with accuracy to meet the purposes for which it was collected or for which consent was granted. Individuals should be able to review, inspect, and update information relating to themselves, consistent with applicable law and ADUC regulations.

 

Disposal of Personal Information 

As long as personal information is no longer needed or is not required to be maintained by law/public record, it should be disposed of in an approved method. 

 

Off-site Use 

Regardless of on or off-campus location, the same requirements for handling personal information should be followed.

 

Testing of Information System

When conducting an audit testing on ADUC systems that contain personal information, precaution should be taken with attempts to minimize the number of locations where the data resides to prevent inadvertent disclosure through controls for access and security protection

 

Expectation of Compliance 

ADUC employees are expected to comply with policies and procedures that apply to collecting or using personal information. They are expected to take steps necessary to protect all faculty, staff, and students’ privacy.