Security and confidentiality of university records are matters of concern to all University of Kansas employees. Financial Aid and Scholarships (FAS) employees and others who have access to student financial aid information are placed in a unique position of trust regarding the security and confidentiality of student records and files. The purpose of this Code is to outline and clarify each individual’s responsibilities in fulfilling that obligation. Since conduct either on or off the job could affect or threaten the security and confidentiality of this information, each individual granted access to student financial aid information is expected to adhere to the following:1. Unauthorized disclosure, access or use of student financial aid information is prohibited.2. Individuals with access to student financial aid information are expected to maintain a clear understanding of the types of information which can be released without the student’s consent, as defined in the University Student Records Policy and the University of Kansas Code of Student Rights, Responsibilities and Conduct (see Student Handbook). Employees must also review and adhere to the policies as outlined in the online KU Student Records policy at https://policy.ku.edu/registrar/student-record-...3. In addition, all individuals with access to student financial aid information are required to understand and adhere to the Gramm-Leach-Bliley Student Financial Information Security information found on the KU website at https://policy.ku.edu/IT/gramm-leach-bliley4. Individuals with access to student financial aid information may not seek personal benefit or allow others to benefit personally by knowledge of any confidential information which has come to them by virtue of their work assignment.5. Individuals with access to student financial aid information may not exhibit or divulge the contents of any record or report of any person except in the conduct of their work assignment and in accordance with office and University policies and procedures.6. Social media such as Facebook and MySpace are non-secure third-party systems over which the University has no control, and they do not meet the standards required by federal law for the protection of student information and other types of federally protected confidential data. Social media must therefore never be used to post or communicate confidential information regarding students, the University or staff. 7. Individuals with access to student financial aid information may not process their own student financial aid and/or scholarship applications (including posting awards or making award decisions), requests, appeals, etc. or those of relatives, friends or acquaintances. Matters relating to such persons should be forwarded to another appropriate employee, typically the individual’s supervisor or the responsible Associate Director.8. Individuals with access to student financial aid information may not knowingly include or cause to be included in any record or report a false, inaccurate, or misleading entry. Individuals with access to student financial aid information may not knowingly alter or expunge from any record or report, or cause to be altered or expunged, a true and proper entry.9. No official record or report, or copy thereof, may be removed from the office where it is maintained, except in the performance of one’s official duties.10. Individuals with access to student financial aid information may not aid, abet, or act in conspiracy with another to violate any part of this code.11. Any knowledge of a violation of this code by any individual must be reported immediately to the Director of Financial Aid and Scholarships.12. Access codes (Online IDs, User Names, Passwords, etc.) are to be utilized only by the persons to whom they have been assigned. Access codes are confidential and must not be shared.13. Authorization to access student financial aid information is rescinded immediately upon termination of employment or changes in employment such that access is no longer required to fulfill the duties and responsibilities of the employee’s position.Violation of this Code of Responsibility may lead to reprimand, suspension or dismissal from the job, and/or other penalties consistent with University personnel policies.
I have read the above Code of Responsibility for Security and Confidentiality of Records and Files, I understand the intent and specific requirements of the Code of Responsibility, and I hereby verify that I will comply with all parts of the Code of Responsibility.