Guilford College takes affirmative steps to safeguard confidential information that may reside in its information and business systems about employees, students and others, and proactively deal with the risks of information security and privacy breaches, consistent with laws and regulations dealing with information and data privacy and security.
Purpose/Reason for Policy: This policy describes the means by which confidential information will be safeguarded, and informs employees, student workers, and volunteers of their duty to protect and safeguard all confidential information acquired during the course of employment or service to the College.
Scope/Covered Persons: All members of the Guilford College Community
Definitions:
Confidential Information includes, but is not limited to: any personally-identifiable student and parent records, financial records (including social security and credit card numbers), and health records; contracts; research data; alumni and donor records; personnel records other than an individual's own personnel records; College financial data; computer passwords, Guilford proprietary information/data; and any other information for which access, use, or disclosure is not authorized by: 1) federal, state, or local law; or 2) College policy or operations.
The Policy:
The following principles govern confidentiality at Guilford College:
- Documents and files (both electronic and hardcopy) containing confidential information are to be accessed, used, and disclosed only with explicit authorization and only on a need-to-know basis for either an employee's job functions or volunteer's service.
- Upon conclusion of an employee's employment or of a student worker or volunteer's service, or upon request of a supervisor, employees, student workers, and volunteers will return originals and copies of all documents and files (whether electronic or hardcopy) containing confidential information to the College and relinquish all further access to and use of such information. Nothing in this policy prohibits employees from discussing the terms and conditions of their employment as authorized by law.
- Faculty and staff who need to access, use or disclose personally identifiable student information in the course of their work duties should contact the College registrar with questions about the laws governing the protection of student records.
Roles and Responsibilities: All employees, student workers, and volunteers have a duty to use available physical, technological, and administrative safeguards, in accordance with College policies and procedures, to protect the security of all confidential information in whatever form or medium.
Compliance: Violation of this policy may result in disciplinary action being taken against the responsible employee, student worker, or volunteer. Disciplinary action may include, but is not limited to, revocation of access to confidential data, demotion, suspension, termination of employment, and/or possible criminal or civil prosecution under Federal or State statutes.
Other related Policies, Regulations, Statutes and Documents:
Responsible Office:
Approval Authority: Guilford College President
Revision History: Updated in the Employee Handbook revision of 2018