Section: Employee Relations
Policy Number: 706Responsible Office: HR/HR Services
Effective Date: 4/1/01Revised: 6/29/04; 7/2/19
This policy applies to all members of the University community and all contractors, vendors and affiliates acting on behalf of the University.
All members of the University community are required to maintain the confidentiality of business and nonpublic university records and data entrusted to them, except when disclosure is authorized or permitted by law. University employees may not remove confidential information from the University, or duplicate information, unless authorized by the University to do so. University data and information may only be used for business purposes.
In accordance with federal and state law and University policy, confidential records should never be disclosed without appropriate authorization, and should be maintained in a secure fashion. Violation of confidentiality can result in disciplinary action, up to and including termination of employment.
Certain information and records may be governed by the Family Educational Rights and Privacy Act of 1974 (FERPA). Consult your supervisor or the Office of the Registrar before disclosing any information about current and former students to any non-University personnel. The Office of the Registrar oversees the University’s FERPA policy and has issued guidelines that are incorporated by reference into the University’s Confidentiality policy. Click here to visit the Registrar’s webpage.
The Gramm-Leach-Bliley Act (GLBA) regulates the safeguarding and confidentiality of certain information. The University has adopted a GLBA policy and compliance program that outlines the privacy and information security provisions the University has put in place to maintain and protect covered data. The University community must adhere to the policy and GLBA compliance program provisions incorporated by reference into the University’s Confidentiality policy.
St. John's University, New York
Human Resources Policy Manual