As a university employee, you are likely to work with information that the university considers sensitive or personal, such as employee records, alumni lists, payroll information, details of university expenditures and income, and student records. Maintaining the privacy of this information is very important and, in some cases, is governed by federal law. Anyone who handles personal information about students or other employees has the obligation to maintain strict confidentiality and to comply with the requirements of the Family Educational Rights and Privacy Act (“FERPA”) and the Gramm-Leach-Bliley Act (“GLB”).
FERPA requires that education records be kept confidential. Records may be disclosed with the consent of the student if the disclosure meets one of the statutory exemptions, or if the disclosure is directory information and the student has not placed a hold on release of directory information. At Wittenberg, the registrar serves as the FERPA compliance officer.
GLB regulates the disclosure of certain kinds of non-public personal information. The primary purpose of the law is to ensure the security and confidentiality of customer information. At Wittenberg, the controller serves as the GLB compliance officer.
You are expected to protect all confidential, sensitive or personal information by safeguarding it when in use, filing papers properly when not in use, and discussing any sensitive or private university business only with those who legitimately need to know. If you are unclear as to what information is sensitive or private, you are responsible to ask your supervisor.
All contacts with the media must be referred to the director of university communications. All statements, papers, articles, speeches, or presentations that might be construed as an official position of the university must be approved by your supervisor before publication or presentation.