Disclaimer

University Privacy Policies 

• Confidentiality of Student Records - outlines the circumstances under which personally identifiable information from a student's or applicant's record generally may be disclosed.
• Confidentiality of Faculty and Staff Records - (Human Resources Policy #201) is directed at protecting the confidentiality of staff and faculty human resources records.
• Policy on Security of Electronic Protected Health Information (ePHI) - describes the security safeguards that must be in place to ensure the security of patient medical information within the University community.
• Privacy in the Electronic Environment - highlights some general principles that should help to define the expectations of privacy of those in the University community.
• Social Security Number Policy - establishes expectations around the use of SSNs - sensitive data whose misuse poses privacy risks to individuals, and compliance and reputational risks to the University. It calls on staff, faculty, contractors, and agents of the above to inventory their online and offline SSNs and reduces the above risks.
• PCI Compliance Policy - defines the PCI Compliance for Credit Card Sales at the University of Pennsylvania.

 

PennName Policies 

• Policy on the Definition of a PennName - specifies the characteristics of a legal PennName, including the length, alphabet, and structure.
• Policy on PennNames Compliance - specifies the requirements for systems and services to be considered PennNames-compliant.
• Policy on the Duration of a PennName - specifies the duration of PennNames and the circumstances under which ownership may be transferred.
• Policy on the use of @upenn.edu address namespace - specifies the naming requirements for the creation/changing of new/existing names within the @upenn.edu email address space.