Information Security Requirements for Contractors and Faculty

Privacy and Security Requirements

Contractors, consultants, visiting faculty, and other third party users of UGA data, computers or network resources should be aware that there are regulatory, legal and policy requirements for the privacy of personal information and the security of computer systems at the University of Georgia.

• Student records privacy is mandated by law. Student records shall not be publicly posted or disclosed without prior consent.

• Social Security Numbers are considered private and shall be stored and transmitted securely as required by law.

• University computing and networking resources shall be used in accordance with UGA Policies on the Use of Computers and other policies as they apply.

• Data stored, processed, or transmitted on university computers or university networks may be monitored at any time.

• Privately-owned computers shall comply with the UGA Network Access Policy while attached to the UGA network(s).

• Users must have permission that is granted by the appropriate part of the University's governance and/or management structure before accessing, transferring or granting access to any University owned data.

• Additional privacy and security requirements may exist based on Federal Regulations, State Laws, Non-disclosure agreements, and contracts as they apply to different parts of the University. All third party users of UGA data, computers or networks shall be aware of additional privacy and security requirements as they pertain to their affiliation with the University of Georgia.

Help

Questions about privacy and security requirements for third party users should be directed to the Office of Information Security by contacting the EITS Help Desk at helpdesk@uga.edu.

References

• FERPA Privacy Act
• UGA Privacy Policy
• UGA Resource for SSN removal
• Georgia Law OCGA 10-1-393.8
• Policies on the Use of Computers
• Network Access Policy
• UGA Data Access Policy