Integrity in action:
We conduct business in a complicated, fast-paced, and service-oriented culture. Requests for information pour in through e-mail, error reports, telephone inquiries, surveys, drop-in visits, and other means of communication too numerous to mention.
In response, we gather, store, retrieve, and analyze a wide range of data. Ready access to data is essential for good customer service, but an easy and quick reporting culture has given rise to concerns for privacy.
What?s all the fuss about?
Focusing attention on this issue is important for a couple of reasons. First, Purdue?s culture values integrity. We take this seriously. A formalized Statement of Integrity actually spells out our responsibilities to act ethically and in a manner that builds trust. Confidentiality is an integral part of integrity.
Another reason is risk. The list of laws enacted to safeguard information is growing. Health Insurance Portability and Accountability Act (HIPAA) and Gramm-Leach-Bliley (GLB) privacy rules are the most recent additions to the protections already in place from Americans with Disability Act (ADA), Family Educational Rights and Privacy Act (FERPA), Worker?s Compensation (WC) and various other laws that have shaped the way we do business. Improper disclosure of private information is harmful and damages reputations. In addition to resources required for investigating and correcting problems, the law allows for civil penalties against individuals and/or institutions found to be in violation of the law.
It makes good business sense to raise awareness and offer guidelines to members of the Purdue community to help them deal with information thoughtfully and carefully.
What is confidential?
Purdue is a large, decentralized, and diverse organization; we are subject to many overlapping rules and regulations. It?s simply not possible to define every situation and every data element that might be considered confidential. However, some categories of information clearly require cautious and discrete use. All supervisors and business office staff should be careful about sharing the following kinds of information:
* Age * Gender
* Disability status * Social Security number
* Home address and telephone * Salary history
* Benefits enrollment choices * Medical claims, diagnosis, or injury reports
* Performance issues * Deduction amounts taken from pay
* Termination reasons * Credit card transaction data
* Student records
Some departments at the University require special training if the primary function of one of its units is receiving and transmitting protected information. Specialized training has been developed for these areas.
Shhhhh. It?s not just confidential at your desk.
Integrity requires congruence between your professional life and your personal habits. Conversations overheard, chats by the coffee pot, and information that comes to you incidentally need to be treated with the same caution as a letter or e-mail correspondence that lands on your desk.
After you move to another position, private information remains confidential. Reporting to another department or organization does not relieve you of the responsibility of safeguarding protected information.
Tips, techniques, and best practices
Here are ways you can help protect confidential information.
Copy Machines and Shared Printers
Records, Files, and Paper:
Where to get guidance?
This topic brings up many issues and questions. If you need assistance in sorting out a business practice in your area or answering a specific request for information, you can contact Employee Relations at 49-41679.
While we are expected to guard some kinds of information, Purdue is a public institution subject to the Public Records Act. Some information must be shared. If someone refers to the Public Records Act and asks for information about another person, the University?s Public Records Officer (Lucia Anderson) can provide guidance. Subpoenas are also directed to the University?s Public Records Officer.
- Susan Davis
Visit the LeadingEdition index of articles and past issues.
LeadingEdition is an electronic newsletter for Purdue University supervisors. It is produced and distributed by Purdue University Human Resources four times annually. If you have questions, comments or suggestions relating to the newsletter, please call 49-41679 or email us. Thank you.