- Issue Date: November 1, 1979
- Primary Contact: Director of Human Resources
- Responsible Member of Directorate: President and Director
- Responsible Office: Human Resources
A. It is Institution policy and the responsibility of all Institution personnel to safeguard personal information so that rights to privacy and confidentiality are not violated. The Institution believes that the personal information it obtains must be carefully protected and should be shared only with those individuals who have a legitimate need for it.II. Rules and Records
B. At the Institution it has long been the practice to handle personal information in a way that is the least intrusive and as fair as possible to the people involved. All individuals have the assurance of the Institution that information about them is maintained in a manner that is fair, accurate, and as confidential as possible.
C. The statement of privacy principles which follows is a description of how your privacy is protected. All personnel have specific rights regarding personal information in files, and a strong obligation to protect the confidentiality of other individuals.
A. The Institution is firmly committed to protecting the privacy rights of all its personnel. We do this in ways that are reasonable and consistent with good business practices. In the conduct of Institution business the following privacy rules hold:III. Privacy Principles1.Request and use only that personal information which is related to business needs;
2.Consider personal information to be confidential and take actions to protect that confidentiality;
3.Restrict access to any personal record to those who have proper authorization and legitimate business reason, unless otherwise required by law or legal process;
4.Insure that actions or decisions involving individuals whose records are examined are based upon pertinent and accurate data;
5.Make available to all personnel, upon their request, personal information about them (recognizing our right to protect the privacy of the source of the information). However, in the case of medical information, the Institution will supply this information only to an individual's designated physician (unless otherwise provided by law);
6.Make it possible for all personnel to correct any personal information we have about them and to record their version of disputed facts; and
7.Communicate to all individuals their responsibilities in handling all personal information concerning others in accordance with these rules.
A. Institution privacy principles apply to all personnel, as well as to those individuals with whom business is transacted.
B. From the time a person comes to the Institution, various files are established which contain personal information, most of which has been personally supplied. These files usually refer to personnel, health, payroll, and benefit claim matters. They are used to administer Institution benefit programs and regular business functions, as well as to provide information required by such government agencies as the U.S. Equal Employment Opportunity Commission.
C. Institution practices are designed to protect the privacy and confidentiality of information about you, both within and outside the Institution.
D. Within the Institution, access to personal information is limited only to you and those persons having a legitimate need to see and use it in the performance of their duties and responsibilities.
E. Examples:1.Management and other supervisory personnel have access to files containing data about an individual's historical profile, along with performance evaluations.Not available are reports of investigations to determine the validity of complaints concerning improper activities. If, however, any adverse action might arise from such an investigation, the circumstances will be discussed with you.
2.Other than the exceptions noted below, personnel have the right to see what is in their files. Files are available for review upon request. Material may not be removed from the files, but correction of data can be requested if you believe it to be wrong and a statement may be added concerning any disputed information kept in this file.
Also not available are letters of reference from outside sources whether they be for pre-employment, promotion or tenure actions. These are obtained in confidence and their confidentiality must also be protected.
F. Access to personal records is restricted to those who have proper authorization and legitimate business reasons for seeing them, unless otherwise required by law or legal process. In answer to inquiries from outside, the Institution will only provide written confirmation of job titles and dates of employment unless you give your personal authorization for the release of additional information. Medical information will be released only to a physician of your choice.
G. An individual will be notified promptly in writing if the Institution is required to provide information about them by a subpoena or other compulsory legal notice, except when requested as a part of an appropriate governmental inquiry into Institution employment practices, in cases involving the investigation of a possible crime, or as otherwise provided by law.
H. A File Check Out Card is inserted in each personnel file each time a file is removed. This log records the date the file is removed and by whom, and remains in place of the file until it is replaced. This process allows an employee to place corrections in the file if erroneous information is found and also allows the Institution to forward these corrections to anyone who received any incorrect information within the prior two years.