RU AccessScheduleRU OnlineDirectoryContact Us
   Future Students Current Students Parents Alumni Faculty & Staff
Print-friendly version

Site Links

Latest News
Benefits
Forms
Policies & Procedures
Training and Development
HR Headlines

Human Resources

 

Confidentiality Policy
Policies and Procedures | Human Resources

Introduction

Information collected and stored by Roosevelt University remains the property of Roosevelt, and may be considered confidential under various laws and regulations. Any record, or information contained therein, that is subject to the requirements of confidentiality laws and regulations is considered a “confidential record” or “confidential information” for purposes of this policy. No employee, agent, contractor, or volunteer shall disclose any confidential information, records and/or files to any outside party without appropriate permission. Confidential information includes, but is not limited to: information contained in financial and vendor records, personnel and payroll records regarding current and former employees, information about donors and alumni, and academic, financial, and other records of current and past students. Confidential information includes that received or reviewed by any means, including but not limited to electronically, in print, in other media, or aurally. No employee may remove confidential information from Roosevelt University premises without express written authorization by the appropriate division vice president.

The disclosure of confidential information to others who do not have a legal right to the information may violate the Family Educational Rights and Privacy Act of 1974 (FERPA), the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Graham-Leach, Bliley Act of 1999 (GLB), and/or other federal and state laws. Any employee who misuses or otherwise improperly discloses confidential information will be subject to disciplinary action, up to and including termination.

This policy specifically addresses confidentiality concerns with regard to:

  • Educational records,
  • Employee personnel files,
  • Donor and alumni records,
  • University systems and databases, and
  • Electronic mail or facsimile transmissions.

Educational Records

All documents or other materials directly related to individual students and maintained by the University or by a person acting for the University are considered educational records. These materials may include personal information, enrollment records, grades, schedules, participation in activities and photographs. Certain records, such as those maintained by a health professional treating a student, are not considered educational records to which University employees may have access, and are subject to additional confidentiality restrictions.

Student educational records are considered confidential and may not be released without the written consent of the student. You have access to information only for legitimate use in completion of your responsibilities as a university employee, agent, contractor or volunteer.

FERPA, the Family Educational Rights and Privacy Act (sometimes referred to as the Buckley Amendment) was passed by Congress in 1974, and grants four general rights to a student:

  • Access to his/her education records;
  • The opportunity to seek amendment to those records, and in certain cases append a statement to them;
  • Some control over the disclosure of his/her records; and
  • The right to file a complaint with the United States Department of Education in Washington.

Only “Directory Information” is considered public, as long as the University annually notifies students of the categories of information designated as such, and provides a reasonable period of time after such notice is given for a student to notify the University that such information should not be released without the student’s consent. After this reasonable period of time has passed without such notice from the student, this information can be released without the student’s written permission. The following items are Directory Information:

  • Name
  • Major field(s) of study
  • E-mail address
  • Permanent address
  • Dates of attendance
  • Degrees awarded
  • Participation in officially recognized activities

This is the only information you may release without permission from the student in most situations. Employees who encounter student records information in the course of their employment with the University should review the University’s complete policy addressing student records, which may be found in the Office of the Registrar.

As a staff member, you have a responsibility to protect the educational records in your possession. If you are ever in doubt, do not release any information until you contact the Office of the Registrar. The University Registrar is responsible for student record information and interpretation of student records policies.

Employee Personnel Files

Employee personnel files are confidential whether collected and stored with the Office of Human Resources or elsewhere. Outside of Human Resources and Payroll staff, an employee’s current supervisor is the only other individual who will have access to personnel files. However, Roosevelt University will cooperate with law enforcement officials, University attorneys or local, state or federal agencies, and provide access to an employee’s personnel file to such individuals, in accordance with the applicable law. In addition, the University will permit an employee to inspect any personnel documents that are, have been, or will be used to make employment decisions, with certain exceptions, as provided by law. An employee has a right, in certain circumstances, to seek removal or correction of information in his/her personnel file and to submit a written statement for inclusion in it. Please refer all requests to review an employee’s personnel file to the Office of Human Resources.

Confidential health or medical records are not included in personnel files. The University is required to maintain the privacy of all health information. This information will not be used or disclosed without written authorization from the employee, except as described in the University’s HIPAA notice, a copy of which is attached to this policy. Authorization may be revoked in writing at any time. Employees are urged to review the University’s HIPAA notice, which provides information regarding an individual’s rights with respect to protected health information and a description of how to exercise those rights. The University maintains physical, electronic, and procedural safeguards that comply with federal regulations to guard nonpublic personal information. The HIPAA Privacy Officer in Human Resources is responsible for the development and implementation of the University’s policies and procedures regarding the privacy of health information. The Office of Human Resources is responsible for receiving complaints regarding such information.

Confidential Information Relating to Donors, Prospective Donors and Alumni

Work at the University may involve access to confidential or privileged information regarding donors, prospective donors, and alumni. No information about a donor, prospective donor and/or alumni, except that which is available in Roosevelt University publications, may be released without written permission from the individual, except to the extent that certain information may be released regarding former students, as described under “Educational Records” above. Written requests for information from individuals or media representatives requesting this information should be referred to the Assistant Vice President for Advancement Operations. To the extent such requests address information contained in student records, they should be directed to the University Registrar.

Computer and Data Confidentiality

Access to all systems and databases, including but not limited to Banner, BSR/Advance, and Ceridian, is granted solely for the purpose of performing legitimate, authorized, assigned responsibilities required for the administration of Roosevelt University. Any unauthorized or illegitimate use of systems, databases or data may result in disciplinary action up to and including termination of employment, expulsion from school, criminal prosecution, and/or civil action.

Release of Confidential Information to Third Parties

No confidential information, as defined under “Introduction” above, will be revealed to a consultant, vendor, or agent of the University without explicit written guarantee that the data will be used only for approved reasons, and will not be released to others without prior authorization from the individual whose personal and/or confidential information is contained in those records.

Transmission of Confidential Information

Neither electronic mail nor facsimile are secure methods to transmit information, and for this reason, neither is recommended. If it is necessary to transmit confidential information in this format, it is recommended that the following Confidentiality Notice be used.

Confidentiality Notice: This e-mail message or facsimile transmission, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Unauthorized review, use, disclosure, distribution, or copying is prohibited. If you are not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, please contact the sender by reply e-mail or telephone and return the original message to the sender at Roosevelt University, 430 S. Michigan, Chicago, Illinois 60605, via the United States Postal Service. Thank you.

Click here to complete the Acknowledgment of Confidentiality Policy

back arrowHuman Resources | Policies and Procedures | Confidentiality Policy

© 2006, Roosevelt University, All Rights Reserved
Chicago  430 S. Michigan Ave, Chicago, IL 60605 | 312-341-3500
Schaumburg 1400 N. Roosevelt Blvd, Schaumburg, IL 60173 | 847-619-7300