|
Policy on the Privacy and Security
of Thiel College Customer Information
Introduction
The Gramm-Leach-Bliley Act of 2000 mandates that Thiel College
will provide for the security and confidentiality of customer information. To protect against any anticipated threats
to the security or integrity of such information and to guard against the unauthorized access to or use of such
information. The following is a summary of Thiel College's definitions, policies and procedures as related to the
privacy, access and security of customer information.
Privacy of Information
All of the information collected and maintained in the administrative
system is considered to be an institutional resource. The data may be received over the internet through secure
software or directly entered into the system by College employees. The administrative system is used to capture
and maintain data pertaining to faculty, staff , students and alumni. Thiel College recognizes the need for privacy
and the protection of confidential information. Access to the administrative system is provided on a "need
to know" basis and the necessity of College employees to have reasonable access to confidential information to do their jobs in an efficient and effective manner.
Access to Information
A college employee with management approval and the need to
access confidential information will be issued a secure login and password to the administrative system. The login
and password will be issued by the Information Technology Department and will limit an employee to a specific area
of the system only. No one outside of the College community shall have access to administrative records. Any misuse
or misrepresentation of confidential information may result in loss of system privileges and other actions as deemed
necessary by the College.
Security of Hardware
Access to the administrative system hardware is protected
through card access and key locks. Data on the administrative system is archived each day and the archived tapes
moved offsite to a secure location. Access to administrative system data from the internet is prohibited and protected
through secure logins, passwords ,software and firewalls. Without interfering with each departments workflow and
within reason, computers having access to the administrative system and computer printouts are kept secure and
not left unattended.
Disclosure of Customer Information
Disclosure of information from the administrative system records
will be limited to employees of the College and those persons designated by written request to receive confidential
information. Furthermore, Thiel College may disclose or electronically deliver administrative system information
to service providers such as federal or state agencies and other organizations contracted by the College who provide
for the appropriate safeguards and confidentiality of the records and where such disclosure is necessary to fulfill
the educational interests of students, or to carry out other contractual obligations of the College.
|
