- Maintain and support secure information technology systems to ensure that Social Security numbers (SSN), birth dates, patient medical history and payment of health services are secure and not at risk for disclosure.
- Never sell, market or distribute SSN, birth dates, patient medical history and/or payment of health services that have been collected.
- Never use SSN as the primary identifier for students and employees.
- No longer accept credit card numbers or store credit card numbers in WVU systems, except where required by federal or state law. Information Technology Services scans computers on the WVU network for SSNs and deletes all SSNs identified in files older than 31 days.
Our privacy policies and procedures establish best practices to lower the risk exposure to WVU employees and students and are governed by the following federal regulations:
FERPA. The Family Educational Rights and Privacy Act of 1974 (FERPA) grants WVU student’s
rights to privacy over their education records. For more information, please visit our FERPA privacy webpage.
- HIPAA. The Health Insurance Portability and Accountability Act of 1996 provides data privacy and security provisions for safeguarding medical information. For more information, please visit our HIPAA privacy and security webpage.
Report any real or suspected data breaches to Information Technology Services at firstname.lastname@example.org or phone at 304-293-4457/304-293-4444 as outlined in the Information Security Event Response Policy.