Download Data Confidentiality Agreement For Employee for Free

(4.8 based on 655 votes)
Return to Human Resources, PO Box HR, O’Kane B72
Page 1 of 2
HR 1/2013
Employee Confidentiality Agreement
Employees of the College of the Holy Cross may be entrusted through the course of their work
with Confidential Data including protected, sensitive, or Personally Identifiable Information
regarding students, parents, staff, faculty, alumnae, donors, and volunteers. This type of
information is protected by College policy and by law.*
Personally Identifiable Information includes any information that identifies or describes the
individual or data (excluding information made available from public data such as directory listings).
Examples include but are not limited to social security numbers, credit card and debit card
numbers, financial or bank account numbers and routing information, driver’s license numbers and
state identification card numbers, and medical records (including pharmaceutical records). Such
data combined with an individual’s first and last name (or first initial and last name) qualifies as
Personally Identifiable Information.
Accessing, using and/or disclosing Confidential Data or Personally Identifiable Information for any
reason other than the legitimate pursuit of the individual’s employment duties or in ways that
jeopardize the security of such information constitutes misuse.
All employees are charged with safeguarding the College network and may not disclose their login
credentials. Access to any College system with an employee’s login (username and password) is the
responsibility of the employee. Employees are also responsible for immediately reporting to the
Information security officer in the ITS department the (suspected or a
use of their login by
someone other than themselves.
An employees access to Confidential Data or Personally Identifiable Information of the College is
conditioned upon the employee’s acceptance of the obligations described in this Confidentiality
Agreement. The employees obligation to protect such confidential or sensitive information
continues after termination of employment. Any misuse or unauthorized release of such
information, either during or subsequent to the conclusion of employment with College of the
Holy Cross, may be grounds for legal action and/or disciplinary action up to and including
termination from employment.
*State law: Massachusetts Data Privacy Law,
201 CMR 17.00: Standards For The Protection Of Personal Information Of Residents Of The
Commonwealth; Federal law: Family Educational Rights and Privacy Act (FERPA),
Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA),
Payment Card Industry Data Security Standards (PCI DSS); College policies: Data Collection, Use
and Dissemination, Data Classification, Data Destruction Policy , Data Retention and Storage
Data Confidentiality Agreement For Employee
 1 / 2 >