Skip to Main Content
SEARCH:   This Site People Departments Penn State
Office of the Corporate Controller Penn State homepage Finance and Business homepage Office of the Corporte Controller homepage

ABOUT THE PRIVACY OFFICE

The mission of the Privacy Office is to serve as a central resource for issues of privacy and to provide leadership in the development of programs and practices to meet relevant privacy requirements and standards.

The Privacy Office is responsible for the ensuring the policies around the protection of student's, faculty and staff's personal private information are consistent with Federal and State legislation. Additionally, it is tasked with the implementation and administration of Policy AD-19 regarding the use of the PSU ID and SSN (Social Security Number).

The office is charged with the University's compliance to privacy regulations and the coordination of notifications resulting from compromised computers which have Personally Identifiable Information (PII). Security Operations and Services (SOS), a unit of Information Technology Services (ITS), and the Privacy Office work very closely together on notification, compliance and remediation efforts pertaining to PII.

Federal and state regulations, such as Health Insurance Portability and Accountability Act (HIPAA) and Family Educational Rights and Privacy Act of 1974 (FERPA), are among other statutes that are monitored by the Chief Privacy Officer to assure Penn State policies are in compliance.

University contracts which involve privacy concerns are reviewed by the Privacy Office. Generally, the process is facilitated by the Contracts Coordinator within Risk Management or through the Penn State Purchasing Department.

The Privacy Office is housed within Risk Management, which is part of the Corporate Controller’s area. 

Penn State staff should visit the authenticated tab for access to specific University-related documents.

Penn State has several University-wide initiatives to protect information, privacy and security. Some of those initiatives include scanning for Personally Identifiable Information, encryption and running in the least privilege mode. The Data Classification Scheme is also in the final stages. To protect privacy and be more secure outside of the workplace, visit the “Be Safe” campaign.

Committees the Privacy Office is involved in

  • EDUCUASE - Higher Education Chief Privacy Officers Co-Chair
  • EDUCAUSE - Higher Education Information Security Council (HEISC) Governance, Risk, and Compliance (GRC) Working Group
  • Hershey Privacy
  • Identity and Access Management Policy and Implementation
  • Id+ card committee, both technical and administrative
  • Information Technology Leadership Council (ITLC) Security Working Group
  • Information Technology Leadership Council (ITLC) Software Distribution Committee
  • Merchant Management
  • Physical Security Initiative
  • Special Interest Group on University and College Computing Services (SIGUCCS) Committee
  • University Health Services Health Information Systems Committee
  • Voice Advocacy Working Group

updated:2/16/2012

 

campus scene

Useful PSU Links

Links for CC Areas

Acrobat Reader

Acrobat Reader is required to view many of the links on this site. Get Acrobat Reader now.

top