Main Menu

SSN Guidelines

PURPOSE

Shepherd University is dedicated to ensuring the privacy and proper handling of social security numbers (SSNs) of its students, faculty, staff, and affiliates.

GUIDELINES

Shepherd University remains steadfast in ensuring those users who handle or have access to SSN are properly aware of the increased confidential emphasis on secure use, transmission, and storage of SSNs throughout Shepherd University IT resources.

It is Shepherd University’s intent to protect the SSN of its students, faculty, staff, and affiliates to minimize the growing risks associated with identity theft by collecting the SSN only as:

  1. Required by law.
  2. When necessary for employment records, admission records, financial aid records, and a limited number of other business and governmental transactions, as required by law.
  3. As a means to uniquely identify an individual for a Shepherd University ID number (SUID) assignment.
  4. A method to identify individuals for whom a SUID has been created and not used for other internal processes.

Shepherd University will assign a SUID to an individual upon initial association with the university. The SUID is not the same as, nor based upon, the individual’s SSN or any other unique demographic information. The SUID will be used in all future electronic and paper data systems to identify, track, and service individuals associated with Shepherd University. The SUID will be permanently and uniquely associated with the individual to whom it is originally assigned. The SUID will be considered the property of Shepherd University and its use and governance will be at the discretion of Shepherd University, within the parameters of the law.

SSN is not be used as a common identifier or used as a database key in any Shepherd University IT resource.

SSN is not be used as a common identifier or used as a database key in any Shepherd University IT resource.

PRIVACY, OPERATIONS, and MONITORING

Shepherd University is dedicated to ensuring the privacy and proper handling of social security numbers (SSNs) of its students, faculty, staff, and affiliates.

Shepherd University seeks to maintain its IT environment and manage all information assets including data, computing devices, systems technology, telephony, and IT resources in a manner that respects individual privacy and promotes user trust. However, the use of Shepherd University IT resources is not completely private, and users should have no expectation of privacy in connection with the use of any information asset or IT resource.

Shepherd University has the legal right to access, preserve, and review all information stored on or transmitted through any information asset or IT resource, including the inspection of e-mail messages, logging of activities, monitoring usage patterns, and data audits/integrity checks. IT Services may, with or without notice to users, take any other action it deems necessary to preserve, secure, and protect systems, information assets, or IT resources for the betterment of Shepherd University. Without limiting its right to take action, Shepherd University may, at its sole discretion, disclose the results of any general or individual monitoring or access permitted by this policy, including the contents and records of individual communications, to appropriate Shepherd University personnel and/or law enforcement agencies.

SCOPE of AFFECTED PARTIES

This policy applies specifically to those users who have access to collect and/or handle SSNs. However, all users need to have a general awareness of this affiliated guideline.

ROLES & RESPONSIBILITIES

All Shepherd University students, faculty, staff, and other parties with access to Shepherd University information assets and IT resources shall be responsible for:

AUTHORIZED USERS / DATA STEWARDS / BANNER CUSTODIANS


CIO/CISO – INFORMATION PRIVACY OFFICER


IT SERVICES STAFF


RELATED TOOLS

TRAINING

RELATED POLICIES & GUIDELINES

BOG#35: Information Technology Security
Acceptable Use Policy
E-Mail Policy
IT Information Security & Privacy Policy
Work from Home & Remote Access Guidelines


POLICY: SSN Guidelines
IMPACT: Data, Technology, and IT Resources
RESPONSIBLE OFFICE: IT Services
CREATED: August 18, 2021
REVISED: November 28, 2022
APPROVED BY: CIO/CISO – Information Privacy Officer
VERSION: 23.1