Administration

Tips and resources for Penn Staters to protect their privacy

University Privacy Office recognizes Data Privacy Day by encouraging best practices

Credit: terovesalainen / Adobe Stock. All Rights Reserved.

UNIVERSITY PARK, Pa. — The University Privacy Office is championing the annual international recognition of Data Privacy Day on Jan. 28 by reminding Penn Staters of the privacy services available to the University community and encouraging all Penn Staters to adopt a privacy-focused mindset in the use of personal data.

Holly Swires, Penn State’s chief privacy officer, encourages all Penn Staters to familiarize themselves with the University’s Privacy Policy – AD53, its privacy principles, and for unit leaders to consider requesting a privacy impact assessment to analyze how their unit collects, uses, shares, and maintains personal information on behalf of Penn State.

Steps Penn Staters can take to safeguard their personal data
 

Limit who has access to your data.

Penn State only collects and retains personal information where required by law, University policy, or where necessary for business or educational purposes. Community members should be mindful of who has access to their personal information and limit the data they share.

Many mobile apps request access to your personal information including geolocation, contacts, and photos, all of which often contain a wealth of personal information. Denying or restricting access to this information across your various apps and social media accounts is an easy way to help your private information stay private.

The National Cybersecurity Alliance (NCA) maintains a guide with more information on how individuals can manage their privacy settings across a number of popular services.

Additional steps for individuals to be aware of include:

  • Making sure your personal devices remain secured and password protected;
  • Staying aware of phishing scams that may seek to obtain your personal information; and,
  • Being mindful of your “cookie” preferences on websites.
     

Protect the data you have access to.

Penn State works to properly secure all information through industry-leading security practices outlined in University Policy AD95 – Information Assurance and IT Security. Some of these practices include the use of lifetime passwords and two-factor authentication for Penn State access accounts.

Penn Staters can help protect their privacy by following similar steps to maximize their individual cybersecurity. The NCA recommends creating long passwords that are unique to each account, rather than using shorter passwords (which tend to be weaker) or using the same password for multiple accounts. Implementing the use of a password manager tool or multi-factor authentication for your individual accounts are two additional steps that can help enhance the protection of your personal data.

Stay Safe Online is another resource from the NCA with information on how individuals can protect their personal data.

Connect with Penn State’s Privacy Office.

The University Privacy Office works to incorporate privacy into all stages of the data lifecycle at Penn State and oversees the responsible use of data across the University. The Privacy Office provides guidance to units across the University to help them protect privacy and use, store, and safeguard data appropriately. Swires also chairs and works closely with Penn State’s Privacy Council, which includes representatives from across the University.

The University Privacy Office is made of a dedicated team of privacy professionals, who are ready and available to help units across Penn State evaluate their privacy practices and incorporate the University’s privacy principles into their daily work. Swires encourages members of the University community to connect with the privacy team at privacy@psu.edu to learn more about how the Privacy Office can help support their business practices.

Units across Penn State are also encouraged to request a privacy impact assessment. This assessment, a service of the University Privacy office, is designed to help units meet all applicable legal and regulatory requirements, determine any potential privacy-related risks, evaluate protections, and identify processes to mitigate these potential risks.

“The University Privacy Office works to protect the personal information of our community and strives to create a privacy-focused environment that values and safeguards personal data,” Swires said. “By being mindful of Penn State’s privacy principles in their day-to-day work and following these simple steps, every Penn Stater can help play an active role in protecting their privacy and the privacy of the personal data with which they work.”

Learn more about the Data Privacy Office and Swires' work in this feature article on Penn State News.

Last Updated January 27, 2022