Compliance and Ethics
Personally Identifiable Information
Page Content
BACKGROUND
Information Security/Confidentiality-The University of Southern Mississippi values individuals’ privacy and actively seeks to preserve the privacy rights of those who share information with us. The University has adopted certain privacy policies and practices for any and all parts of Southern Miss where personally identifiable information (PII) in any format is created, received, maintained and transmitted. PII is considered sensitive information that can be used, either alone or in conjunction with other information, to identify a specific individual. Privacy and public records obligations of the University are governed by state and federal law.
DEFINITIONS
Personally Identifiable Information (PII)- Is divided into Moderately Sensitive and Highly Sensitive.
Moderately Sensitive information- Is information which is generally available publicly and/or information that may have been provided by the individual. This information is typically referred to as Directory Information. The following items are included in Moderately Sensitive/Directory Information and are subject to public disclosure in accordance with the Family Educational Rights and Privacy Act of 1974.
- Student's Name
- Address
- Telephone Number
- E-mail Address
- Major
- Dates of Attendance
- Classification
- Degree(s) Earned
- Previous Institutions Attended
- Participation in Student Organizations
- Participation in University recognized organization and activities
- Weight and height of athletic team member
- Honors and awards
- Student's photo
- Dean's/President's List
Highly Sensitive Information-The following items are included in Highly Sensitive information:
1. Names and Numbers:
- Social security number
- Date of birth
- Mother's maiden name
- Official state-issued or U.S.-issued driver's license or identification number
- Alien registration number
- Government passport number
- Employer or taxpayer identification number
- Medicaid or food stamp account number
- Bank account number
- Credit or debit card number
- Personal identification number or code assigned to the holder of a debit card by the issuer to permit the authorized electronic use of such card
2. Unique biometric data such as:
fingerprint, voiceprint, retina or iris image or other unique physical representation
3. Medical records
4. Telecommunication identifying information or bulk records
Examples include, but are not limited to, SOAR, SOARFIN, email
5. Other number or information that can be used to access a person's financial resources
OPTING OUT
Individuals may choose to “opt out” and request the university not release Directory Information.
CONSEQUENCES OF OPTING OUT OF INCLUSION IN DIRECTORY
However, the consequences of an opt-out request should be considered before doing so.
For example, if a student has opted out of Directory Information:
Enrollment may not be verified to any outside source such as potential employers,
colleges, universities or medical insurance companies.
Information will not appear in any official university publications distributed to
the public, such as a commencement program.
Information will not be provided to the media when releasing academic recognition
announcements (President's List or Dean's List).
Highly Sensitive information is information that is not generally available publicly.
This information may have been provided by you when you fill out a registration or
other form. This information is generally stored and transmitted in encrypted format
to minimize the possibility of unintended disclosure. This information in combination
with Moderately Sensitive information can be used to specifically identify an individual
and is never disclosed by the University without permission from the individual and/or
a rigid agreement that extends the protection of the information from potential disclosure
or an order from a court of competent jurisdiction.
The Information Southern Miss Collects
When persons contact official Southern Miss components, certain client information may be collected. No information is collected unless it is deliberately provided by the individual (for example, by leaving their name and telephone number, by completing a University form, or by clicking a web-link to send Southern Miss an email). Examples of information persons might choose to give Southern Miss are listed below:
- Name, address, telephone number, and email address
- Names, addresses, telephone numbers, and email addresses of family members and/or friends
- Date of birth, ethnicity, gender, and country of origin
- Height, weight, hair and eye color and blood type
- Academic history, including schools attended, grades received and test scores
- Financial profile, including income and assets
- Employment history, including previous employers and duties
- Credit or debit card and bank account information
- Criminal history, including convictions, time served and probation status
The Way We Use Information
As a general rule, Southern Miss maintains various types of records for individuals based on their association with the University. The University also analyzes aggregate information for resource management and planning purposes. Southern Miss reserves the right to use information details about individuals to investigate its resource management or security concerns.
Personally identifiable information is used to accurately compile, store and retrieve an individual's records; to place and track individuals appropriately for academic purposes, and to award academic degrees and honors; to properly employ individuals and compensate them for their work; to correctly diagnose and medically treat individuals; to respond appropriately (or in a personalized format) to individuals' requests for services; and to improve the University's services and products.
Under Mississippi's Public Records Law, most records in our possession are subject to inspection by or disclosure to members of the public upon their request. Information must be retained according to applicable federal and state laws and must be available for inspection, unless otherwise exempt from the public records law.
Southern Miss uses the information individuals provide about themselves or about someone else when placing a request for service only to complete that order or request. To enhance the educational experience the University does share this data with third parties, within the requirements of state and federal statutes, with the approval of the University President.
Southern Miss generally uses return addresses, telephone numbers, and email addresses only to answer the communications received. Such addresses are generally not used for any other purpose and by University and state policy is not shared with outside parties, except in accordance with Public Record Laws.
Commitment To Data Security
The University of Southern Miss is dedicated to preventing unauthorized information access, maintaining information accuracy, and ensuring the appropriate use of information. We strive to put in place appropriate physical, electronic and managerial safeguards to secure the information we collect in all formats: on paper, electronically and verbally. These security practices are consistent with the policies of the University and with the laws and regulatory practices of the state of Mississippi and multiple federal agencies.
Related Resources
iTech - http://www.usm.edu/itech/