UVM's Privacy Program

Privacy at UVM

Everyone – from students to employees and leadership to vendors and third parties – have a responsibility to protect the privacy of the information that we access, use and disclose in our roles as members of the UVM community.  The Privacy Office serves as a partner and a resource to the campus community and supports all areas of the University in their efforts to safeguard all data that we have been entrusted with.

The University of Vermont Privacy Office

The University of Vermont Privacy Office is part of the Office of Audit, Compliance and Privacy Services.  The Privacy Program champions privacy across the University and promotes UVM’s commitment to safeguarding the personal, protected, sensitive and confidential data that we hold, access and use.  The Chief Privacy Officer oversees the Privacy Program; is responsible for the development and update of the University’s Privacy Policies, University Operating Procedures, and Guidelines; and coordinates the University’s response to potential compromises of protected information.  While the Chief Privacy Officer is responsible for the Privacy Program itself, all members of the University Community are responsible for protecting the data that they have access to.

What We Do

In our capacity as the University’s Privacy Office, we work in collaboration with constituents and stakeholders across the University to protect the privacy of those individuals who have entrusted us with their private information and to safeguard information that is otherwise sensitive, confidential or proprietary.  We do this through our Policies and Procedures, training, communication, audits, compliance reviews and consultations.

Policies/UOPs/Guidelines

The University’s Policies, UOPs and Guidelines related to Privacy and Information Security and Technology can be found here.

UVM’s Institutional Policies website can be found here.

Contact the Responsible Official or others identified in the individual Policy, UOP or Guideline if you have specific questions.

If you have questions related to the policy process or UVM’s policy website, send an email to policy@uvm.edu.

Records Retention

Records management is the process of managing the University’s information that is created and necessary for ongoing operations throughout the information life cycle, from the time of creation to its eventual disposition. This process includes identifying, classifying, storing, securing, retrieving, tracking and destroying or permanently preserving records.

The Chief Privacy Officer is responsible for the management and oversight of the University’s Records Retention Policy. Each unit is responsible for managing their own records.

More information can be found here:

Document Destruction

Departments have the option of hiring an off-campus vendor to help them with their document destruction needs. The University has a preferential pricing agreement with Secure Shred.

 

Key Privacy Law & Regulations