Code of Responsibility, Privacy, and Confidentiality of Data

Code of Responsibility, Privacy and Confidentiality of Data

and

Acknowledgment of SUNY New Paltz Policies and Procedures

Note: This is available in Microsoft Word format for easier printing: Code of Responsibility, Privacy and Confidentiality of Data

SUNY New Paltz policies along with Federal Laws are in effect to ensure the security, privacy and confidentiality of information used in our operations. These are matters of concern for all employees and any other persons who have access to our data systems or physical facilities. Each person who has direct access to confidential data holds a position of trust relative to this information and must recognize the responsibilities entrusted to them and this office, _______________________ in preserving the security, privacy and confidentiality of this information. Therefore, each employee of this Department and any other person authorized access to any information through the facilities of this Department is:

• Not to make or permit unauthorized use of any information.
• Not to seek personal benefit or permit others to benefit personally by any confidential information which has come to them by virtue of their work assignment and in accordance with the University and Department policies.
• Not to exhibit or divulge the contents of any record or report to any person except in the conduct of their work assignment in accordance with University and Department policies.
• Not to knowingly include or cause to be included in any record or record a false, inaccurate or misleading entry.
• Not to remove any official record (or copy) or report from the Department where it is kept except in the performance of their duties.
• Not to operate or request others to operate any University equipment for purely personal business.
• Not to aid, abet, or act in conspiracy with another to violate any part of this code.
• To immediately report any violation of this code to the supervisor.

While your supervisor can assist you in understanding the policies and how we operate within them, you should become familiar with the provisions particularly regarding how these relate to your role within the Department.

Acknowledgment of Confidentiality of Records

I recognize that job requirements assigned to employees may require access to and use of confidential information.  Confidential information includes all personally identifiable, potentially sensitive data and information about students, faculty, staff and patients.  This information is disclosed or known to me as a consequence of my employment and is not generally known outside the University. Confidential information also includes any data protected under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Gramm Leach Bliley Act, and the Family Educational Rights and Privacy Act (FERPA) and any other applicable Federal or State privacy laws, rules, or regulations.

Acknowledgment of New Paltz Policies and Procedures

• FERPA (Family Educational Rights and Privacy Act): www.newpaltz.edu/ferpa
• HIPAA - Patient Privacy: Contact Information Security for more information
• Gramm Leach Bliley Act: https://www.gpo.gov/fdsys/pkg/PLAW-106publ102/pdf/PLAW-106publ102.pdf
• Acceptable uses and Privacy Policy: www.newpaltz.edu/itpolicy
• Confidential Information Policy: www.newpaltz.edu/itpolicy
• Credit Card Processing and Handling Policy: www.newpaltz.edu/itpolicy
• Information Incidence Response Policy: www.newpaltz.edu/itpolicy

My signature on this document certifies that I have received and agree to abide by the Code of Responsibility, Privacy, Confidentiality of Records and University Policies and Procedures.

Employee Name                                                                                    Department