Data Practices and Privacy
The University is a large public entity that maintains large amounts of data—about students, employees, research projects, funding, administration, and a host of other topics. The data at the University are governed by complex federal and state regulations that classify some data as private or nonpublic, and other data as public. Public information must be disclosed upon request under the state’s Government Data Practices Act. Private information, on the other hand, must be kept private, and can only be shared within the University with people who have a job-related need to know or with others outside the institution as authorized by law. Unauthorized disclosures of information must be reported in accordance with the University’s policy on Reporting and Notifying Individuals of Security Breaches.
The University’s Records Manager, who reports to the General Counsel, is the responsible authority for the University with respect to access to public information and the University’s obligations to keep private information private. Public information requests can be submitted through the Data Request Center. You can find more information on our obligations and practices in the Public Access to University Information policy. You can also find out more, including how to get permission to give an employment or academic reference, in OGC’s FAQs section. For more information about student privacy, see Student Affairs.