Legal Issues

Preserving the Confidentiality and Integrity of Entrusted Information

Central Oregon Community College is committed to protecting its information resources from accidental or intentional intrusion or damage and is equally committed to preserving and nurturing the open, information-sharing requirements of its academic culture. The privacy of student and employee information is protected by federal laws, FERPA, HIPAA, SOX, the Gramm-Leach-Bliley Act, and state laws referring to the use of social security and credit card numbers. Moreover, COCC imposes its own requirements regarding the safeguarding of the community college assets.

Student Data:

Non-directory information as defined by Federal Family Education Rights and Privacy Act (FERPA), and clarified by COCC's FERPA policy, may not be released to a third party without a Release of Information form on file for the current academic year. Third party is anyone (including parents) without a "legitimate educational interest" in the student record. Information may be shared with other college employees in the completion of work only.

Student Confidentiality Indicator:

If a student requests that his/her student information not be released to anyone, a flag will appear on any Banner screen that includes student information. If a student confidentiality indicator exists, the staff person may not release any information on that student to anyone other than the student themselves. Contact the Admissions & Records Office for guidance should this situation arise.

Employee Data:

COCC expects all personnel granted access to personal employee information, to strictly protect the confidentiality of information to which they may have access. Any violation of privacy may subject security offenders to disciplinary action.

Use of COCC non-public data implies that you accept the responsibility and implies my agreement with the following:

I will adhere to all data security guidelines as listed above.

Passwords are the first line of security. I will not reveal my password nor allow anyone to use the account assigned to me.

Maintaining the confidentiality of data retrieved in the course of my job duties, including data that I use for reporting purposes or in other software products is of utmost importance.

Last Updated: 4.27.15 - cegertson

Page Owner: IT Information & Security