Skip to content

Office of University Compliance and Ethics

Privacy Program


The University Privacy Program is responsible for the development and implementation of a comprehensive data privacy strategy that adequately protects information assets, meets compliance requirements, and reduces overall risk. 

The privacy program advises University constituents regarding potential institution-wide risks and collaborates with other enterprise programs charged with data protection such as the information security, records management, and data governance programs, to ensure alignment with privacy best practices. 

University Privacy Principles

The University is committed to the cultivation of a culture that values the protection of privacy as an integral part of daily interactions with members of the University community and their personal data.  We strive to reduce or avoid privacy harms by applying the University Privacy Principles to the development of processes, technology deployments, and strategic decision making.

  • Limitation Principle. Limit the collection of personal data to the minimum necessary required to accomplish a specific University mission and/or operation.  Restrict access to personal data to personnel with a need to know for the performance of their duties.
  • Accountability Principle. Be accountable for the management and protection of personal information and the implementation of the University Privacy Principles. Train employees and affiliates on their responsibilities to protect data.
  • Transparency Principle. Provide reasonable advance notice of our information management practices, and offer individuals choices on whether to and how to provide their information.
  • Proactive Due Diligence Principle. Identify and mitigate privacy risks within our internal operations and the operations of our vendors and other third parties.