Brigham Young University (BYU) is committed to protecting the privacy of personal information within its control in a manner consistent with applicable laws, regulations, and university policies.
Official notice that outlines how BYU collects and processes personal information from students, faculty, alumni, and other members of the BYU community
Internal standard from the Office of Information Security on how personal information is protected by BYU.
Several concerns have been expressed regarding the privacy and security of using Zoom for campus meetings and online classroom instruction. This statement has been prepared to address these concerns.
General Principles Guiding the Collection and Use of Personal Information
The university’s practices and policies regarding its collection and use of Personal Information should be open and transparent.
- Personal Information should only be obtained by the university through lawful means.
- Generally, Personal Information should be collected directly from the subject.
- Personal Information should be accurate, complete, and relevant to the purposes for which it was collected. Except as required by law, individuals should be allowed to inspect and correct their Personal Information.
- The purpose for collecting Personal Information should be described at the time the specific Personal Information is collected. Only information necessary for the stated purpose should be collected. Any further use of the information should be limited to the purpose described at the time of collection. Personal Information should not be disclosed for secondary purposes without the consent of the subject or as required by law and should be securely destroyed or deleted when no longer needed for the defined purposes.
- Access to Personal Information should be limited to those employees with a specific need to access the information to accomplish the functions of their respective jobs.
- Personal Information should be protected by reasonable security safeguards against reasonably anticipated risks, such as loss, unauthorized access, destruction, use, modification, or disclosure.