Privacy Policy

Click any statement to reveal the official text and commentary where available.
Expand All   View Printable Version

Policy Summary

1. Access to sensitive information must be restricted to authorized personnel with a need to know.

   The responsible use of sensitive information requires that the University respect individual privacy, protect against identity theft and other unauthorized uses, and comply fully with all laws and government regulations in the collection, use, storage, display, distribution and disposal of such information. Authorized uses of sensitive information within the University are limited to uses which a) are necessary to meet legal and regulatory requirements; b) facilitate access to services, transactions, facilities and information; or c) support efficient academic and administrative processes.

   Access to sensitive information is limited to:

   • the individual whose information is produced or displayed;
   • a University official or agent of the University with authorized access based upon a legitimate academic or business interest and a need to know;
   • an organization or person authorized by the individual to receive the information;
   • a legally authorized government entity or representative;
   • other circumstances in which the University is legally compelled to provide access to personal information, such as the Georgia Open Records Act;
   • or other individuals or entities, as allowed by law, for purposes judged to be appropriate or necessary for the reasonable conduct of University business
   
   
2. Social Security numbers are always confidential, and are subject to access restrictions. Do not print SSNs on non-confidential documents, or transmit over unsecured methods.

   Social Security numbers are always considered confidential and are therefore subject to the access restrictions described above. The University will continue to collect and maintain Social Security numbers in all instances in which that number is required by law for reporting or other uses. This includes, but is not limited to, all enrolled students who are U.S. citizens or permanent residents. In addition, the University will continue to use Social Security numbers, as allowed by law, for operational purposes for which there is no reasonable substitute.

   The University, its faculty, staff, and students must abide by all state legal regulations pertaining to Social Security Number protection. It is against both state law and University policy to:

   • Publicly post or display the Social Security number in any manner;
   • Require an individual to transmit his or her Social Security number over the Internet unless the connection is secure or the number is encrypted; or
   • Require an individual to use his or her Social Security number to access an Internet site unless a unique password or PIN is also required;

   This Privacy Policy also prohibits the following:

   • Printing the Social Security number on any card required to access services; or
   • Establishing a new process that requires the printing of a Social Security number on any materials that are mailed unless required by other state or federal agency.
   
   
3. All departments that collect sensitive information online must link to the Privacy Policy and disclose any outside entities that can access that information.

   University departments that collect sensitive information on their Web pages must post a link to the UGA Privacy Policy and inform consumers about any persons or entities outside the University with whom they may share Sensitive Information collected online. If there is a process for the consumer to change such information, that process must be described and available to the consumer on the department Web pages. Any changes to this privacy policy will be posted on the Web site.