{"id":53,"date":"2024-07-09T14:31:35","date_gmt":"2024-07-09T14:31:35","guid":{"rendered":"https:\/\/www.mtsu.edu\/policies\/?page_id=53"},"modified":"2026-05-04T10:57:53","modified_gmt":"2026-05-04T10:57:53","slug":"p121","status":"publish","type":"page","link":"https:\/\/www.mtsu.edu\/policies\/p121\/","title":{"rendered":"121 \u00a0Privacy of Information"},"content":{"rendered":"\n

Approved by President<\/strong>
Effective Date: September 20, 2019
Responsible Division:  Information Technology
Responsible Office:  Information Technology
Responsible Officer:  Vice President for Information Technology<\/strong><\/p>\n\n\n\n

I.<\/strong> Purpose<\/strong><\/p>\n\n\n\n

This policy establishes principles to guide the evolution of 91大神 (91大神 or University) community standards of information privacy. This is a first step to clarify the level and protection of information privacy that may be expected by the campus community for whom 91大神 collects information. This policy is intended to be flexible and independent of current definitions or concepts of technology and to rely, instead, on common sense and a culture supportive of mutual respect. While consideration has been given to the unique qualities of electronic information, this policy reflects the reasoning that the core value of privacy is not confined to any information medium.<\/p>\n\n\n\n

While recognizing that other 91大神 policies address other privacy issues, primarily those based on federal and state laws, the objectives of this policy are to ensure that:<\/p>\n\n\n\n

    \n
  1. A sharper focus is given to the University\u2019s values and beliefs related to information privacy.<\/li>\n\n\n\n
  2. The expectations for maintaining information privacy are provided for University employees and students.<\/li>\n\n\n\n
  3. Information privacy guidelines are provided for University employees and students.<\/li>\n<\/ol>\n\n\n\n

    II. University Values and Beliefs<\/strong><\/p>\n\n\n\n

    Where discretionary considerations are possible, a balanced approach to resolving conflicts between privacy and other values must incorporate the perspectives of the University as an institution, the collective behavior of employees and students, and the protection of individual privacy.<\/p>\n\n\n\n

      \n
    1. Institutional Perspective. 91大神 must not be unduly constrained with respect to administrative efficiency in the enforcement of policies related to information privacy. Consideration should be given to the mission, internal control of information, and external mandates governing information collection and use.<\/li>\n\n\n\n
    2. Ethical Stewardship as a Collective Responsibility. Employees and students of 91大神 are ethically obligated to respect the privacy of others and to adhere to a reasonable standard of conduct that supports this collective respect. For example, when employees gain unintentional access to information that a reasonable person would consider private, personal, or confidential, sensible actions are required, such as the notification of officials who are responsible for initiating corrective measures, or simply returning or forwarding the information to the intended recipient or owner.<\/li>\n\n\n\n
    3. The Individual\u2019s Right to Know. While most employment related records are public, even confidential records can be accessed under certain conditions. Therefore, information in any form should be presumed capable of acquisition by others for purposes not related to the original creation of that information. In most instances, employees of 91大神 have a right to know when their individual records have been reviewed, subpoenaed by parties external to 91大神, or are under review by 91大神 officials or administrators who do not manage the information as part of their official duties. In such instances where it is administratively practical, the employees should be notified by email, phone call, or other means. Additionally, the Office of Human Resource Services (HRS) will maintain records of all requests for an employee’s public information. Records of requests for access are not made when the request is from University personnel as part of their job responsibilities. While most student related records are private, even confidential records can be accessed under certain conditions, such as through a judicial order or subpoena. In most instances, students will be notified of the compliance with a judicial order or subpoena by parties external to 91大神.<\/li>\n<\/ol>\n\n\n\n

      III. Student and Employee Records<\/strong><\/p>\n\n\n\n

        \n
      1. Student Records. With regard to students\u2019 education records, 91大神 adheres to the federal Family Educational Rights and Privacy Act of 1974 (FERPA). Policy 318 Access to Education Records<\/a> and FERPA provide students with the right to inspect and review education records, the right to seek to amend these records, and to limit disclosure of information from the records.

        Therefore, the release of student information in any medium, including the internet, should be done only in accordance with FERPA and         Policy 318 Access to Education Records<\/a>.\n
          \n
        1. Students have the right to restrict release of directory information as outlined in Policy 500 Access to Education Records<\/a>.<\/li>\n\n\n\n
        2. Records are retained in accordance with Policy 129 Records Management and Disposal of Records<\/a> and the American Association of Collegiate Registrars and Admissions Officers (AACRAO) guidelines.<\/li>\n<\/ol>\n<\/li>\n\n\n\n
        3. Employee and Faculty Records. HRS maintains the official personnel files for 91大神 employees. Official faculty personnel files are maintained in the Office of the Provost. See Policy 811 Personnel Records<\/a>. With the exception of records specifically deemed confidential by statute, all employee and faculty personnel information is public and accessibility is granted in compliance with Policy 120 Public Records \u2013 Inspecting and Copying<\/a>.<\/li>\n<\/ol>\n\n\n\n

          IV. Web and Social Media Sites<\/strong><\/p>\n\n\n\n

          91大神 respects the privacy of its students and employees and is committed to ensuring that any personal or confidential information that is collected is kept accurate and secure from unauthorized access. 91大神 may use third party analytics services that may use browser cookies to anonymously collect and track site usage information. This information is then analyzed as an aggregate and no personally identifiable information is collected.<\/p>\n\n\n\n

            \n
          1. Scope. This section applies to the University homepage and officially sponsored social media sites or groups, including http:\/\/www.mtsu.edu<\/a> and any other official 91大神 site. Since the 91大神 web community consists of many websites, other websites may adopt more restrictive privacy and security statements as their specific needs require. The 91大神 homepage, as well as other sites across campus, contain links to various external websites. The University is not responsible for the privacy and security practices or the content of external websites.<\/li>\n\n\n\n
          2. Information Gathered by 91大神.\n
              \n
            1. Personal information provided via email or through other online means will be used only for purposes necessary to serve the needs of the person providing that information, such as responding to an inquiry or other request for information. This may involve redirecting the inquiry or comment to another person or department better suited to meeting the inquirer\u2019s needs.<\/li>\n\n\n\n
            2. 91大神\u2019s website does use server logs to collect information concerning users\u2019 internet connection and general information about their visit to 91大神\u2019s website. This information may be used to analyze trends, to create summary statistics for the purpose of determining technical design specifications, and to identify system performance or problem areas. This means the University sometimes acquires, records, and analyzes portions of the data that is entered into, stored on, and\/or transmitted through this site by the user. This information is only released to the extent allowed or required by applicable law.<\/li>\n\n\n\n
            3. Such logging includes, but is not limited to:\n
                \n
              1. Hostname. The hostname and\/or IP address of the user\/client requesting access.<\/li>\n\n\n\n
              2. System date. The date and time of the user\/client request.<\/li>\n\n\n\n
              3. Full request.  The exact request the user\/client made.<\/li>\n\n\n\n
              4. Status. The status code the server returned to the user\/client.<\/li>\n\n\n\n
              5. Content length. The content length, in bytes, of the document sent to the user\/client.<\/li>\n\n\n\n
              6. Method. The request method used.<\/li>\n\n\n\n
              7. Universal Resource Identifier (URI). The location of a resource on the server.<\/li>\n\n\n\n
              8. Query string of the URI. Anything after the question mark in a URI.<\/li>\n\n\n\n
              9. Protocol. The transport protocol and version used.<\/li>\n\n\n\n
              10. E-mail address. In some cases, the email address of the intended recipient of an email may be logged when a link is accessed inside of an email.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<\/li>\n\n\n\n
              11. Cookies. A cookie file contains unique information that a website can use to track such things as passwords, pages the users have visited, the date the user last looked at a specific page, and to identify the user\u2019s session at a particular website. 91大神 does not use cookies to collect any information that could personally identify individual visitors.<\/li>\n\n\n\n
              12. E-Commerce. Some 91大神 web sites may enable payment for products or services online with a credit card or other electronic payment mechanism. Unless otherwise noted, these transactions are encrypted. It is 91大神\u2019s practice that confidential financial information will be used only for the purposes described in that transaction unless an additional use is specifically stated on that site. Data provided specifically to facilitate credit card or other electronic business transactions are retained only for a reasonable time to effect the transaction.<\/li>\n\n\n\n
              13. Access to Information. Information collected from any 91大神 website or social media group, including summary server log information, emails sent to the website or group, and information collected from web-based forms, may be subject to state and federal laws. This means that while 91大神 does not actively share information, in some cases it may be compelled by law to release information gathered from its web servers or social media groups.<\/li>\n\n\n\n
              14. Information Usage. In the course of using the websites or social media groups, users may choose to provide information to the University via web forms, email, or other electronic means. Personally identifiable information submitted will be used only for 91大神-related purposes. 91大神 will not sell this data to outside parties. Requests for information and information submitted via forms on websites or social media groups will be directed to the appropriate staff to respond to those requests and may be recorded to help 91大神 improve its site to better respond to similar requests. 91大神 may use this information in any investigation of a potential violation of 91大神 policies and procedures or as required by federal, state, or local law.<\/li>\n\n\n\n
              15. Security. Extensive security measures have been employed to protect against unauthorized access, disclosure, modification, or destruction of information under the institution’s control, as well as the loss, misuse, or alteration of University websites, social media sites, and\/or associated electronic information resources.<\/li>\n\n\n\n
              16. Contractors\/Outsourced Development. Any entity contracted to develop or provide web or social media services is bound by and must follow this policy and Policy 920 Information Security<\/a>, as well as all applicable University policies, in order to protect personally identifiable information (PII).<\/li>\n\n\n\n
              17. Web Analytics. Some 91大神 websites use a third-party web analytics service to collect information such as URLs, internet domain and host names, browser software, and the date and time that the site is visited. This information is used to monitor the effectiveness of the website and to consider potential improvements to the website. The information is non-personal and is transmitted to and stored by the third party on its servers. 91大神 does not share any specific information about a particular user. More information on web analytics is available by contacting the\u00a0Information Technology Division<\/a>.<\/li>\n<\/ol>\n\n\n\n

                V.<\/strong> Additional Privacy-Related Policies<\/strong><\/p>\n\n\n\n

                Several current 91大神 policies are directly or indirectly related to information privacy issues, illustrating the nature and complexity of the topic. These include the following:<\/p>\n\n\n\n

                  \n
                1. Policy 150 Social Networking and Media<\/a><\/li>\n\n\n\n
                2. Policy 211 Misconduct in Scholarly Activities and Research<\/a><\/li>\n\n\n\n
                3. Policy 402 Protection of Human Subjects in Research<\/a><\/li>\n\n\n\n
                4. Policy 910 Information Technology Resources<\/a><\/li>\n\n\n\n
                5. Policy 920 Information Security<\/a><\/li>\n<\/ol>\n\n\n\n

                  VI<\/strong>. Disciplinary Actions<\/strong><\/p>\n\n\n\n

                  Employees or students who access files or browse data of others, or access any information technology resources without authorization, or who engage in the unauthorized dissemination of information obtained from these resources, may have violated the privacy of others. If so, such behaviors are subject to disciplinary actions that are in proportion to the nature of the offense pursuant to institutional policy. <\/p>\n\n\n\n

                  Forms: none.<\/p>\n\n\n\n

                  Revisions: June 5, 2017 (original); September 20, 2019.<\/p>\n\n\n\n

                  Last Reviewed: September 2019.<\/p>\n\n\n\n

                  References: Family Educational Rights and Privacy Act of 1974;  American Association of Collegiate Registrars and Admissions Officers Guidelines; Policies 120 Public Records \u2013 Inspecting and Copying; 129 Records Management and Disposal of Records; 150 Social Networking and Media; 211 Misconduct in Scholarly Activities and Research; 402 Protection of Human Subjects in Research; 500 Access to Education Records; 811 Personnel Records; 910 Information Technology Resources; 920 Information Security.<\/p>\n","protected":false},"excerpt":{"rendered":"

                  Approved by PresidentEffective Date: September 20, 2019Responsible Division:  Information TechnologyResponsible Office:  Information TechnologyResponsible Officer:  Vice President for Information Technology I. Purpose This policy establishes principles to guide the evolution of 91大神 (91大神 or University) community standards of information privacy. This is a first step to clarify the level and protection of information privacy that may […]<\/p>\n","protected":false},"author":8,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-bannernosidebar.php","meta":{"footnotes":""},"class_list":["post-53","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.mtsu.edu\/policies\/wp-json\/wp\/v2\/pages\/53","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mtsu.edu\/policies\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.mtsu.edu\/policies\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.mtsu.edu\/policies\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mtsu.edu\/policies\/wp-json\/wp\/v2\/comments?post=53"}],"version-history":[{"count":1,"href":"https:\/\/www.mtsu.edu\/policies\/wp-json\/wp\/v2\/pages\/53\/revisions"}],"predecessor-version":[{"id":3042,"href":"https:\/\/www.mtsu.edu\/policies\/wp-json\/wp\/v2\/pages\/53\/revisions\/3042"}],"wp:attachment":[{"href":"https:\/\/www.mtsu.edu\/policies\/wp-json\/wp\/v2\/media?parent=53"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}