The university collects and maintains a variety of information, including information about students, faculty, staff and others. This information is collected in order to conduct university business. The university classifies information in two categories based on federal and state law.
Private information, defined as Sensitive Information in PPM 10-1, the Information Security Policy, can only be released to the subject of the information and to those within the university who have a legitimate need to know the information, outside entities with the subject's written permission and others as allowed by law. Some private information, like protected health information (PHI) and electronic PHI, is protected by law. Click here for an extensive list of private information items.