The Cornell University Privacy Office provides guidance and resources pertaining to the collection, use, redistribution, retention, and disposal of institutional information. The Privacy Office also serves as a partner and advisor for broader, privacy-related issues affecting members of the Cornell community.
The Need for Privacy Information Management
Information management is an essential component of sound university administration. Cornell acquires a tremendous variety and quantity of information in the course of business with students, staff, faculty and alumni, as well as affiliates, board members and other “friends of the university.”
A patchwork of U.S. privacy laws touches some of that information. These include:
- Family Education Rights and Privacy Act (FERPA) for education records
- Gramm-Leach-Bliley Act (GLBA or the Financial Services Modernization Act of 1999) for personally identifiable information in financial transactions
- Health Insurance Portability and Accountability Act (HIPAA) for medical records.
Application of these U.S. regulations is difficult, however, because of their piecemeal nature. Law and regulation, smart business practices, and institutional reputation nonetheless require comprehensive management of institutional information.
This web site sets forth the charge, process and tools for privacy information management. Please find a brief outline of the principles and practices, the industry standard for all information management, here.