Wheeling Jesuit University
Search

Human Resources Home
Policies Home

+ Organization
  Human Rights, Values & Ethics
  Policy on Policies
  Structure and Organization
  At Will Provisions
+ Employment
  Job Descriptions
  Equal Employment Oppurtunity
  Vacancies and Postings
  Interview Procedure
  Pre-Employment Documentation
  Nepotism
  Orientation
  Compensation Guidelines
  Disabilities and Accommodations
  Outside Employment
  Probation
  Whistleblower
  Recruiting Budgets
  Budgeted Hiring Process
  Employment of Immigrants
 
 
+ Benefits
  Health/Dental/Vision Insurance
  STD/LTD/Life Insurance
  Health Care Flexible Spending Account
  Tuition Remission
  Parking Policy
  Retirement Savings Account
  Professional Memberships
  Employee Assistance Program
  Facilities and Events
  COBRA
  Relocation
+ Time Off Work
  Paid Time Off
  Uncompensated Time Off
  FMLA
  Military Leave
  Workers Compensation and Accident Reporting
  Inclement Weather
  Catholic Jesuit Mission Benefits
+ Payroll
  Work Day/ Year/ Breaks/ Pay
  Payroll, Deductions & Advances
  Attendance
  Compensation Guidelines
  Employee Status
+ Workplace Practices
  Code of Conduct
  Expectations of Privacy
  Harassment Policy
  Tobacco Usage Policy
  Drug and Alcohol Policy
  Personnel Files
  Medical Files/HIPPA
  FERPA
  Performance Evaluations
  Information Security
  Solicitation
  Corrective Action Procedures
  Dispute Resolution Procedure
  Fire and Life Safety
  Safety Program
  Protection of Minors & Vulnerable Individuals
  Emergency Response Manual
  Title IX Compliance
+ Communications
  Telephone/Email/Social Media Usage
  Internet Security & Usage
  Mobile Devices
  Password Policy
  University Media Relations
+ Terminations
  Termination of Employees
  Exit Interview/Full and Final Accounting
 
Workplace Practices: Information Security
Date approved:
April 2011
Approved by:
 
Date to be reviewed:
March 2011
Reviewed by:
Chief of Staff
Date revised:
Revision number:
1.0
 
 
Compliance Committee:
As Scheduled

1.0 PURPOSE

All employees of Wheeling Jesuit University are responsible for protecting against the unintended or unauthorized disclosure of information to either internal or external sources. Furthermore, the University respects the information associated with the business practices of other institutions and organizations. Consequently, the acquisition or collection of information from other institutions and organizations is also regulated and employees will be held to the same standards in obtaining that information.

2.0 POLICY STATEMENT

2.1 Definitions

  1. "Information" includes printed or electronic files, emails and the content of verbal communications.
  2. "Protection" refers to the security of the information from inception through disposal, including retention, storage and transfer.
  3. "Hierarchy of Security" refers to the level of Protection applied to the Information.
  4. "Sharing" means conveyance of Information including, but not limited to, transmission via copying, mailing, electronic transfer or speech. This also includes receipt of Information, the acquisition of which could adversely affect the University’s reputation.
  5. "Nondisclosure Agreement", or NDA, is a legal instrument designed to protect Information deemed "Restricted" by the University.

2.2 Coverage

Information that is to be protected includes data specific to Wheeling Jesuit University and data obtained from or supplied to a third party. University supervisors, directors and administrators are to apply the appropriate level of security amount of Protection, according to the Hierarchy of Security, associated with the Information that they manage and share. Secretaries, administrative assistants, staff employees and student workers are to respect the Protection associated with Information and understand that they are functioning as an extension of their supervisors; therefore, they are bound to comply with the same Protection as the supervisor to whom they are assigned.

2.3 Hierarchy of Security

  1. Public: Information of general knowledge that can be shared freely among the public or employees of the University including university calendars, brochures, mission statements, etc.
  2. Private-Confidential: Information pertaining to specific individuals or departments that is controlled by necessity or federal, state or local regulations, including individual personnel files, student files and academic records, financial data pertaining to a department within the University, technology, funding, etc. This information is protected on a "needs-to-know" basis among management and administration and can only be shared at that level or above. All such designations will be made in accordance with any applicable federal, state or local regulations.
  3. Restricted: Information that is protected because its dissemination could damage either the University or individuals within the University including undisclosed University financial data, information of a strategic or proprietary nature, intellectual capital, technology and research impacting a program or the potential start-up of an entrepreneurial outgrowth, etc. This Information is protected on an "eyes-only" basis among University administrators and can only be shared at that level or above. If it is appropriate for an employee outside of University administration to handle restricted information, that employee shall be preapproved by the President and sign an NDA beforehand. All such designations will be made in accordance with any applicable federal, state or local regulations.

2.4 Identifying / Handling Information

  1. Information that is shared jointly among management and University administration shall be considered Private- Confidential. Other employees who, in the course of their employment, handle such Information for a supervisor shall consider it Private-Confidential and comply with any applicable federal, state or local regulations.
  2. All information that is Restricted shall be handled at the level of University administration only. If it is to be circulated below that level is should be identified at the time of dissemination.
  3. The University will employ legal and ethical means to collect and disseminate Information and will not collect or disseminate such Information unless the party from whom the Information is obtained or to whom the Information is sent is agreeable to the University’s application of that Information.
  4. Employees may not: engage in unauthorized discussions of Private-Confidential and Restricted Information with friends, family, student workers and other University employees not authorized to have access to the Information; disseminate or discuss such Information with outside individuals absent the University’s consent; and download such Information to personal devices. Employees should: avoid holding authorized discussions in public venues; leaving Private-Confidential or Restricted Information lying openly on desks, computer screens or copiers; and printing on remote printers and not accessing the Information immediately afterward.

2.5 Consequences for Failure to Adhere

Individuals who fail to adhere to this Policy may be disciplined. Such discipline may range from a simple memo or counseling session wherein the employee is informed of individual obligations under this Policy through corrective discipline up to and including termination. The level of discipline will be determined by prior occurrences, type of Information shared, intent of the party and exposure to the University.

3.0 AUTHORIZATION

The VP for Information Technology, in conjunction with the Director of Human Resources, has the authority to approve changes or exceptions to this policy at any time with or without notice, provided such changes are in compliance with other policy guidelines.

4.0 ATTACHMENTS


Calendar |  President's Welcome |  Virtual Campus Tour |  Services |  Financial Aid |  Campus Directory |  Apply Online


© 2014 Wheeling Jesuit University, Inc. • 316 Washington Avenue • Wheeling • West Virginia • 26003 • (800) 624-6992 • Legal
Website Powered by ActiveCampus™ Software by Datatel