It is necessary to record, store, process, and transmit personal information. ADUC takes its responsibilities concerning the use of personal information seriously and seeks to provide functional and secure systems for the appropriate handling of data and information.
Student and employee information may only be shared with individuals employed by ADUC or its agents who have a legitimate educational or supervisory interest in that information.
If there is a need to change status information, then this should be treated with the same level of confidentiality as the original information, which should be replaced.
After appropriate notification, only personal information may be collected. Personal information should be up-to-date with accuracy to meet the purposes for which it was collected or for which consent was granted. Individuals should be able to review, inspect, and update information relating to themselves, consistent with applicable law and ADUC regulations.
As long as personal information is no longer needed or is not required to be maintained by law/public record, it should be disposed of in an approved method.
Regardless of on or off-campus location, the same requirements for handling personal information should be followed.
When conducting an audit testing on ADUC systems that contain personal information, precaution should be taken with attempts to minimize the number of locations where the data resides to prevent inadvertent disclosure through controls for access and security protection
ADUC employees are expected to comply with policies and procedures that apply to collecting or using personal information. They are expected to take steps necessary to protect all faculty, staff, and students’ privacy.