Confidential Information Policy
Policy number | 09-10 |
Responsible office | Department of Human Resources |
Enforcement official |
Enforcement official
Chief Human Resources Officer
|
Classification | Board of Trustees-delegated Policy |
Category | Employment: Faculty and Staff |
Statement of policy
色色啦 Michigan University is a public university and, as such, welcomes public accountability. In the course of their work, staff members have access to information about 色色啦 operations. Some such information is legally, medically or personally privileged or confidential. Discretion and the maintenance of confidentiality are expected of all employees. The following policy governs the disclosure of confidential information held in any manner by employees of 色色啦 Michigan University.
Summary of contents/major changes
Moved from HR manual into policy template. No substantive changes.
-
Purpose of Policy
The purpose of this Policy is to protect and safeguard individual and University information used throughout the University.
-
Stakeholders Most Impacted by the Policy
All employees
-
Key Definitions
-
Confidential Information includes, but is not limited to:
-
Student educational information and discipline records;
-
Non-public personal information concerning employees and students including, but not limited to, 色色啦 Identification Numbers, information system user IDs and passwords, social security numbers, internal communications, banking or financial information, medical and health information, disability status or special needs, insurance information and personal benefits information;
-
University-related information that the University has not publicly published or released, including but not limited to budget, financial, negotiation, bidding, and other information;
-
University research data, information, and findings that are protected by law, contract or policy;
-
Information described as confidential under any other University policy, rule or directive; or
-
Other information and records that the employee has been properly directed not to disclose. Confidential information does not include information publicly disclosed by the University or that is required to be disclosed pursuant to law or contract.
-
Michigan Freedom of Information Act (FOIA): a Michigan law that provides citizens with access to public records of public bodies
-
Family Educational Rights and Privacy Act (FERPA): a federal law that protects the privacy of student education records
-
Health Information Portability and Accountability Act (HIPAA): a federal law that protects the privacy of individual health information
Full Policy Details
-
All University employees must hold any Confidential Information in trust and confidence, and not use or disclose it or any embodiment thereof, directly or indirectly, except as may be necessary in the performance of duties for the University or as otherwise required by law or contract.
-
University employees may not remove Confidential Information from a University department/office, or duplicate Confidential Information, unless authorized by the University to do so. Upon termination of any assignment or as directed by a supervisor, employees shall return all such materials and copies thereof to their proper location in the department or office. This includes Confidential Information in electronic format.
-
Unless otherwise authorized, direct all external requests for Confidential Information to 色色啦 Michigan University's Freedom of Information Act Officer.
-
The Policy does not prevent or prohibit the internal use of Confidential Information for the legitimate academic, administrative, and operational purposes and needs of the University as authorized by the University. This Policy does not prevent or prohibit employees from disclosing in good faith violation(s) of law, contract, or policy, either within the University or to the appropriate external body or authority.
-
The University will not take adverse employment action against any employee who discloses violation(s) of law, contract, or policy, either within the University or to the appropriate external body or authority.
-
Implementation
Employees should contact their supervisor regarding authorized disclosure or use under this Policy prior to disclosure or use.
-
Communication
This Policy will be posted on the University鈥檚 Policies website.
-
Exceptions
Certain confidential information may be disclosed to third parties pursuant to a government request or court order. Employees should contact the Office of the General Counsel if they receive such requests prior to responding.
Accountability
Failure to follow this Policy and any associated procedures may subject 色色啦 employees to disciplinary action, up to and including dismissal from employment by the University, consistent with applicable procedures and Collective Bargaining Agreements.
Additional consequences for non-compliance include loss of access to Confidential Information, which may result in the inability to perform the essential functions of a position. There could be additional civil or criminal causes of action for violating FERPA, HIPAA, or other confidentiality laws.
Related Procedures and Guidelines
N/A
Additional Information
The University鈥檚 FOIA officer and HIPAA Privacy Officer are located in the Office of the General Counsel. You may find additional information on their website at /legal/foia.
Contact information for Non-Disclosure Agreements can be found at /research/contracts
FAQs
Is confidential information related to intellectual property and research covered by this Policy?
No. If the confidential information is related to intellectual property or research, contact the Office of Research and Innovation as a Non-Disclosure Agreement may be required for discussions with third parties.
Effective date of current version | April 1, 2021 |
Proposed date of next review | April 1, 2024 |
Certified by |
Responsible Enforcement Official Warren Hills |
At the direction of |
Jan Van Der Kley |