Data, Analytics, Reporting and Assessment

51勛圖ProPrivacy Policy

POLICY

  1. 51勛圖Prois committed to respecting the data privacy of students, staff, faculty, and all members of the University community. This policy sets forth general guidelines regarding the use of personal data collected by the University.

PURPOSE AND SCOPE

  1. This policy falls under the authority of all applicable federal, state, and 51勛圖ProState University System (TSUS) statutes, rules, and regulations, including, but not limited to, the TSUS Rules and Regulations; 51勛圖ProEducation Code, Title 3, Higher Education; and 51勛圖ProAdministrative Code, Title 19.

  2. This policy outlines Lamar University's general guidelines for protecting and supporting the rights of affiliated users over their personal data collected by the University, while recognizing that complete privacy cannot be guaranteed.

  3. Where applicable, for example, in the case of student education records, the privacy standards outlined by the Family Educational Rights and Privacy Act of 1974 (FERPA), Health Insurance Portability and Accountability Act (HIPAA), and other state and federal laws take precedence over this policy.

  4. This policy establishes the privacy rights of affiliated users as set forth in Section V.
     

DEFINITIONS

  1. Data Classification:
  2. Data Privacy: See 51勛圖ProGlossary.

  3. Data Security: See 51勛圖ProGlossary.

  4. Directory Hold: See 51勛圖ProEducation Records and Student Rights, Office of the Registrar.

  5. Directory Information: See 51勛圖ProEducation Records and Student Rights, Office of the Registrar.

  6. School Official: See 51勛圖ProEducation Records and Student Rights, Office of the Registrar.

POLICY ROLES AND RESPONSIBILITIES

  1. Data Management Officer: The Data Management Officer at 51勛圖Prois responsible for leading the data governance program while ensuring data is managed securely, accurately, and in alignment with institutional privacy policies and regulatory requirements.

  2. Associate Vice President, Data and Compliance Systems: The Associate Vice President, Data and Compliance Systems is responsible for overseeing and managing the University's data.

  3. Registrar: Lamar University's Registrar is responsible for maintaining the integrity and security of student academic records while ensuring compliance with institutional privacy policies and applicable regulations.

  4. Associate Vice President, Human Resources: The Associate Vice President for Human Resources is responsible for maintaining the integrity and security of employee records while ensuring compliance with institutional privacy policies and applicable regulations.

PRIVACY AND RIGHTS

  1. Enrolled students who interact with 51勛圖Prohave the right to request a directory hold to prevent the disclosure of directory information normally classified as public from an information request.

  2. Employees of 51勛圖Prohave the right, under 51勛圖ProGovernment Code 552.024 and 552.132, to elect whether specific categories of personal information may be released to the public. These categories of information include home address, home telephone number, emergency contact information, social security number, information that reveals whether the employee has family members, and information identifying employees who have been the victim of certain crimes. This preference is documented through the University's Employee Disclosure Request Form and is respected in accordance with applicable laws.

  3. 51勛圖Prois committed to protecting information collected about affiliated users and applies risk management measures to reduce the likelihood of unauthorized disclosure. While 51勛圖Promakes reasonable efforts to protect the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent illegal or unauthorized activity related to your personal data. For more information on risk management at Lamar University, please refer to Lamar University's IT Policies & Standards.

  4. 51勛圖Promay share personal information it collects with third-party service providers who have a service agreement obligation to use the information only for purposes that support the University's legitimate operations, programs, or services. These providers must protect personal information in accordance with the terms of their agreement with the University. For more information relating to the contracting of external systems and services, please refer to 51勛圖ProState University System Information Security & Accessibility Standards and 51勛圖ProService Agreement Section 1.2.

  5. Data may be shared internally to support Lamar University's business operations. 51勛圖Promay release personally identifiable information to school officials.

  6. 51勛圖Promay be required to disclose personal information in response to lawful requests by public authorities, including those made to meet national security or law enforcement.

  7. FERPA does not cover browsing activity and targeted advertising.

  8. Information collected from 51勛圖Prowebsites, such as server logs, emails, and web-based forms may be subject to the 51勛圖ProPublic Information Act, 51勛圖ProGovernment Code, Chapter 552.

REFERENCES

  1. Family Educational Rights and Privacy Act (FERPA)

  2. Health Insurance Portability and Accountability Act (HIPAA)

  3. Gramm-Leach-Bliley Act (GLBA)

  4. 51勛圖ProAdministrative Code, Chapter 202

  5. 51勛圖ProGovernment Code, Chapter 552 (Public Information Act)

  6. NIST Privacy Framework

  7. Privacy Act 1974

  8. 51勛圖ProPatient Privacy

  9. 51勛圖ProHealth and Safety Code (Medical Records Privacy)

  10. 51勛圖ProOccupations Code, Chapter 159 (Physician-Patient Communication)

  11. 51勛圖ProBusiness and Commerce Code, Ch 503 (Biometric Identifiers)

  12. 51勛圖ProBusiness Code, Ch 521 (Unauthorized Use of Identifying Information)

  13. 51勛圖ProState University System Information Security & Accessibility Standards

  14. 51勛圖ProService Agreement Section 1.2

  15. Records Management-Lamar University

  16. 51勛圖ProIT Policies & Standards

  17. 51勛圖ProData Glossary.

  18. 51勛圖ProIT Data Classification Policy 15.01.02

  19. 51勛圖ProEducation Records and Student Rights, Office of the Registrar

REVIEW AND RESPONSIBILITY

Oversight Responsibility: Privacy Policy Committee

Review Schedule: Every three years

Last Review Date: 02/11/2026

Next Review Date:  02/11/2029

SIGNED POLICY COPY

The policy content is provided on this webpage to support accessibility standards.


If you require a copy of the official signed version of this policy,  please email datagovernance@lamar.edu.  

 


  1.