KU creates, shares new privacy policy

In the wake of last month’s unauthorized document dump, Kansas University has created a new privacy policy.It was approved today and immediately e-mailed to all Lawrence-campus faculty, staff and students. The privacy policy spells out what is expected of all members of the university community in terms of information retention and protection. Some highlights:_Information collected, regardless of the method of collection or format, may be used only to carry out the authorized business of the University. The University shall make reasonable efforts to limit the Private Information it collects to only that information strictly relevant to accomplish a clearly defined institutional purpose.__Every unit is responsible for maintaining the necessary confidentiality, integrity and availability of the information it handles. Every unit is responsible for granting to assigned individuals within the unit the reasonable, minimum access to Private Information needed to accomplish the necessary institutional purposes.__Employees who become aware of a breach of the privacy or security of Private Information must report such breach immediately to the Information Services Customer Service Center at 864-8080._The policy also included penalties, which can include termination, for failing to adhere to the new policy. The new policy is overseen by the KU Privacy Office.