Code of Responsibility for Security and Confidentiality of Records and Files

Security and confidentiality are matters of concern to all University employees and to all other persons who have access to education records. The purpose of this code is to clarify responsibilities in these areas. Each individual who has access to confidential information is expected to adhere to the regulations stated below.

A person who has access to education records may not:

  • Reveal the content of any record or report to anyone, except in the conduct of his or her work assignments and in accordance with University policies and procedures.
  • Make or allow any unauthorized use of information.
  • Knowingly include false, inaccurate or misleading entry in any report or record.
  • Knowingly expunge a data record or a data entry form and record, report or file.
  • Share individual passwords with any other person (for password protected data).
  • Seek personal benefit or allow others to benefit personally from the knowledge of any confidential information they have acquired through work assignments.
  • Remove any official record or report, or copy of any official report, from the office where it is maintained, except in the performance of official duties.

Any knowledge of a violation of this code must be reported immediately to the violator's supervisor. Violations may lead to disciplinary action, including dismissal. Violations can also lead to action under the State of Oregon statutes pertaining to theft, alteration of public records, or other applicable sections.

See also: Code of Responsibility for Security and Confidentiality of Records and Files