Download presentation
Presentation is loading. Please wait.
Published byJodie Goodwin Modified over 9 years ago
1
Protecting Privacy of Institutional Data Being aware of and respecting student, faculty and staff requests for privacy of personal data in LAN/NOS environments
2
Agenda Why me, why now? Types of privacy requests Data sources and privacy requests UMOD attributes describing privacy requests Honoring privacy requests in eDir Honoring privacy requests in AD
3
Why me, why now? Provisioning projects in eDirectory (Michigan Tree) and Active Directory (UMRoot ‘academic’ forest) provide institutional data to LAN/NOS environments Included in that data is information about privacy requests of individuals These requests must be honored in the LAN/NOS environments, whether the protected data is derived from institutional data or locally populated
4
Types of privacy requests Do Not Publish FERPA UMOD Private
5
Do Not Publish Faculty and staff Applies to home address and phone number Requested through Wolverine Access See http://www.itd.umich.edu/itcsdocs/s4276/ #infoout http://www.itd.umich.edu/itcsdocs/s4276/ #infoout
6
FERPA Family Educational Rights and Privacy Act of 1974 (also known as Buckley Amendment) Protects privacy of student’s education records Certain information designated “directory” information Student may request that “directory” information be kept private and protected Request made in the Office of the Registrar, renewed each term See http://www.umich.edu/%7Eregoff/rights.html http://www.umich.edu/%7Eregoff/rights.html
7
U-M “directory” information Name Permanent/Local Address and Phone UM School or College Class Level Major Field Dates of Attendance Degree(s) received Dates awarded Honors & Awards received Participation in recognized activities Previous school(s) attended Height/Weight of members of intercollegiate athletic teams
8
UMOD Private Applies only to information in UMOD (U-M Online Directory) Hides most of the information in your directory entry from anyone other than yourself See http://www.itd.umich.edu/itcsdocs/s4276/ #infoout http://www.itd.umich.edu/itcsdocs/s4276/ #infoout
9
FOIA Freedom of Information Act Contact U-M FOIA Officer, Lewis Morrissey (morrisse@umich.edu) Requests must be acknowledge within 5 days by the U-M FOIA Office See http://www.umich.edu/~urel/foia.htmlhttp://www.umich.edu/~urel/foia.html
10
Data sources and privacy requests AD and eDir populated by data from UMOD (U-M Online Directory) Contains student and employee (faculty and staff) data from Ann Arbor, Dearborn and Flint Contains alumni and retirees
11
UMOD attributes describing privacy requests TriggerhideCnprivateferpadoNotPublish admitted studentX X FERPA student who is not also faculty/staffXX FERPA student who is also faculty/staff X anyone w/Private checked in UMODX faculty/staff who have requested DoNotPublish X
12
UMOD attributes describing privacy requests
13
Honoring privacy requests Do not populate protected attributes for private users Providing some resources may require attributes to be populated (email) If attribute must be populated, user (student or employee) must first grant written permission for the protected data to be used for that purpose. Do not use that data for any other purpose. If written permission is not granted, then you cannot populate that attribute.
14
Honoring privacy requests in eDir The only data on a user populated from UMOD is the uniqname Uniqname is also used for the required surname attribute While a local admin has eDir rights to populate user attributes, they must respect privacy requests
15
Additional Resources The U-M Online Directory Via the Web: Finding and Changing Your Personal Entry http://www.itd.umich.edu/itcsdocs/s4276/#infoout http://www.itd.umich.edu/itcsdocs/s4276/#infoout Office of the Registrar: Student Rights and Student Records http://www.umich.edu/%7Eregoff/rights.html http://www.umich.edu/%7Eregoff/rights.html University of Michigan and Michigan's Freedom of Information Act http://www.umich.edu/~urel/foia.html http://www.umich.edu/~urel/foia.html Handling Student, Employee, and Patient Information: Quick Reference Sheet Introduction to M-Pathways SA and HRMS: Access and Compliance SPG 601.11 – Privacy of Electronic Mail and Computer Files, etc. http://www.umich.edu/~spgonlin/pdf/601.11.pdf http://www.umich.edu/~spgonlin/pdf/601.11.pdf SPG 601.12 – Institutional Data Resource Management Policy http://www.umich.edu/~spgonlin/pdf/601.12.pdf http://www.umich.edu/~spgonlin/pdf/601.12.pdf
16
Honoring privacy requests in eDir How-to
17
Honoring privacy requests in eDir Demo
18
Honoring privacy requests in AD Users with any of the four privacy flags on are populated with only uniqname When users are moved into Accounts OU, admin has the ability to modify attribute values and must protect privacy requests
19
Honoring privacy requests in AD How-to
20
Honoring privacy requests in AD Demo
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.