Forged in Individuality
Since 1787, Pitt has never stopped pushing the edge of what’s possible. While Pitt thrives on forging new paths, we remain focused on potential human impact and stay mindful of the privacy of our students, faculty, staff, and community members.
The CIE Office is also home to the Pitt Privacy Office. We support compliance with national and international privacy regulations and University policies. We are guided by the following principles:
- Promote respect and accountability: Valuing University members' right to privacy and striving for best and responsible in the ways we collect, manage, and protect personal information.
- Promote informed choice and consent with respect to the collection and use of personal information.
- Promote transparency by creating visibility related to our data collection, use, and sharing practices.
- Promote awareness and empowerment by disseminating information and resources related to privacy awareness.
Services
The Pitt Privacy Office offers the following services:
- Consulting services to schools, departments, and units University-wide concerning privacy and the proper access and use of sensitive information.
- Lead University compliance efforts with state, federal, and international regulations.
- Review purchasing, data use, and other agreements for compliance with privacy regulations.
- Guide and manage incident responses.
- Assist with the development of policies and guidelines associated with privacy, data security, and governance
- Oversee compliance programs for privacy-related University Policies and Procedures
- Support privacy-related training
For Students
The Student Code of Conduct guarantees that students have the right:
- To have University records reflect only such information as is reasonably related to the educational process of the University.
- To be informed of the existence, custodianship, and general character of all personal records maintained by the University.
- To inspect all personal records, except records determined to be confidential in accordance with properly established criteria.
- To have protection from disclosure of personal records to unauthorized persons. Information will not be released outside of the University community without the expressed consent of or waiver by the Student involved, except under valid legal compulsion or where there is a clear and present danger to a member of the University community, in which case the Student will be informed of any such release
For Staff
The Staff Handbook provides specific privacy guidance related to computer access and use, conflicts of interest, and the confidentiality of medical information. More particularly:
- Use of computer services for any commercial purpose, partisan political purpose, or any unlawful purpose or use that infringes on the rights of others, including privacy, ownership, and equitable access to computing resources, is prohibited.
- Willfully exceeding the limits of authorization, damaging, modifying, altering, destroying, copying, disclosing, or gaining unauthorized access to data is prohibited.
- No staff member shall, for personal gain or from the gain of others, use any information not available to the public that was obtained as a result of service to the University.
- Medical information about individual staff members is to be treated confidentially. The University will take reasonable precautions to protect such information from inappropriate disclosure. Any staff member who has legitimate access has a responsibility to respect and maintain the confidentiality of that medical information.
Acceptable Use
- AC 04: Access to and Release of Education Records
- AO 10: Computer Access and Use
- AO 12: Control of Physical Access to Confidential Information
- AO 15: Email Communication Policy
- AO 38: University Network
- CS 03: Copying Copyrighted Material
- CS 23: Use and Management of Social Security Numbers and University Primary ID Numbers
- EO 01: Access to Employee Personnel Files
- AO 24 Name and Address Lists and Mailing Labels
- AO 33: Surplus Equipment Recycling and Disposal
- CS 30: HIPAA
- FN 16: Payment Card Handling and Acceptance
- RI 13: Drones