Eastern Illinois University maintains strict confidentiality and security of
records in compliance with the Family Educational Rights and Privacy Act of
1974 (FERPA), the Health Insurance Portability and Accountability Act (HIPAA)
and the Gramm-Leach-Bliley Act (GLBA), in addition to other federal and state
laws. These laws pertain to the security and privacy of all records that contain
information that identifies or could lead to the identification of a student
or that could reveal private information concerning an employee or customer.
Employees are authorized access to such private information as a condition
of employment to the extent necessary to perform their duties. As an employee/volunteer/student/third
party administrator of the university, you are required to protect against unauthorized
access to such information, ensure the security and privacy of such information,
and disclose any anticipated threats or hazards to such information. You must
be very careful not to release this information to the public or to other individuals,
including but not limited to University employees who have not been authorized
or who do not have a legitimate institutional or business need to know.
Any questions regarding release of such information to another person should
be directed to your supervisor or their designee.
Eastern Illinois University defines unauthorized access to be:
- Access to student, employee or University information not necessary to carry
out your job responsibilities.
- Non-business or non-institutional access to the records of a student or
employee. This includes your children as protected under FERPA, spouse, parents
and other relatives as well as friends and acquaintances.
- Release of student or employee information to unauthorized internal or external
users.
- Release of additional or excessive student or employee information to an
authorized individual/agency than is essential to meeting the stated purpose
of an approved request.
Information may not be divulged, copied, released, sold, loaned, reviewed,
altered or destroyed except as properly authorized by the appropriate university
official within the scope of applicable federal or state laws, including record
retention schedules and corresponding Internal Governing Policies.
As an employee of Eastern Illinois University, you must abide by the rules,
regulations, policies and procedures of EIU as well as federal and state laws
applicable to your position at the university. EIU may at any time, revoke employee/volunteer/student/third
party access, other authorization, or other access to confidential information.
Additionally, failure to comply with any of the acts, rules, regulations, EIU
policies and corresponding procedures may result in disciplinary actions, including
termination of employment. Criminal or civil penalties may also be imposed,
depending upon the nature and severity of the breach of confidentiality.
For more information on policies at Eastern Illinois University, see the links
below.
|
