Virtru Protected Information

• Criminal investigations, Campus Police records and evidentiary materials

• Advisory, consultative or deliberative material

• Victims records

• Documents subject to attorney client privilege

• Administrative or technical information regarding computer hardware, software and networks which would jeopardize computer security

• Emergency or security information for any building that would jeopardize security of the building or persons therein

• Security measures and surveillance techniques

• Information required to be kept confidential by court order

• Admission applications

• Student records (FERPA), grievance or disciplinary proceedings

• Student records other than directory information

• Social Security Numbers

• Unlisted telephone numbers

• Student directory information that a student has requested not to be disclosed

• Student and employee ID numbers combined with PINs and/or birth dates

• Victims records

• Charitable contributions

• Student records other than directory information

• Credit card account number, or debit card number and any required security code, access code or password that would permit access to an individual’s financial account (e.g. other cardholder data)

• Personal financial information, including checking or investment account numbers

• Student and employee ID numbers combined with PINs and/or birth dates

• Student records other than directory information

• Student directory information that a student has requested not to be disclosed

• Health Information, including Protected Health Information (PHI) and any data covered under the Health Insurance Portability and Accountability Act (HIPAA)

  • PHI can include data such as information, including demographic data, that relates to:

    • the individual’s past, present or future physical or mental health or condition,

    • the provision of health care to the individual, or

    • the past, present, or future payment for the provision of health care to the individual,

    • and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual. Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number)

• Student records (FERPA), grievance or disciplinary proceedings

• Criminal investigations, Campus Police records and evidentiary materials

• Trade secrets and proprietary commercial or financial information obtained from any source, or information that is the subject of a non-disclosure agreement with the University.

• Administrative or technical information regarding computer hardware, software and networks which would jeopardize computer security

• Emergency or security information for any building that would jeopardize security of the building or persons therein

• Security measures and surveillance techniques

• Information that would give an advantage to competitors or bidders

• Sexual harassment complaints and investigations

• Grievances filed

• Unlisted telephone numbers

• Communications with insurance carriers or risk management officers

• Personnel and pension records

• Documents subject to attorney client privilege

• Information required to be kept confidential by court order

• Biotechnology trade secrets

• Student records other than directory information

• Student directory information that a student has requested not to be disclosed

• Student records (FERPA), grievance or disciplinary proceedings

• Trade secrets and proprietary commercial or financial information obtained from any source, or information that is the subject of a non-disclosure agreement with the University.

• Administrative or technical information regarding computer hardware, software and networks which would jeopardize computer security

• Emergency or security information for any building that would jeopardize security of the building or persons therein

• Sexual harassment complaints and investigations

• Grievances filed

• Trade secrets and proprietary commercial or financial information obtained from any source, or information that is the subject of a non-disclosure agreement with the University.

• Administrative or technical information regarding computer hardware, software and networks which would jeopardize computer security

• Emergency or security information for any building that would jeopardize security of the building or persons therein

• Security measures and surveillance techniques

• Information that would give an advantage to competitors or bidders

• Sexual harassment complaints and investigations

• Grievances filed

• Collective bargaining negotiations

• Test questions, scoring and other examination data

• Student records (FERPA), grievance or disciplinary proceedings

• Biotechnology trade secrets

• Personnel and pension records

• Student records other than directory information

• Social Security Numbers

• Student directory information that a student has requested not to be disclosed

• Student and employee ID numbers combined with PINs and/or birth dates

• School assigned usernames or other account names combined with unencrypted password string

• Driver’s License Numbers

• Trade secrets and proprietary commercial or financial information obtained from any source, or information that is the subject of a non-disclosure agreement with the University.

• Social Security Numbers

• Passport and VISA numbers

• Criminal investigations, Campus Police records and evidentiary materials

• Driver’s License Numbers

• Student records other than directory information

• Admission applications

• General User

• Emergency or security information for any building that would jeopardize security of the building or persons therein

• Security measures and surveillance techniques

• Administrative or technical information regarding computer hardware, software and networks which would jeopardize computer security

• Information that would give an advantage to competitors or bidders

• Biotechnology trade secrets

• Medical examiner and other non-PHI medical records

• Criminal investigations, Campus Police records and evidentiary materials

• Advisory, consultative or deliberative material

• Victims records

• Documents subject to attorney client privilege

• Sexual harassment complaints and investigations

• Grievances filed

• Communications with insurance carriers or risk management officers

• Information required to be kept confidential by court order

• Student records (FERPA), grievance or disciplinary proceedings

• Student records other than directory information

• Protected Health Information (PHI) and any data covered under the Health Insurance Portability and Accountability Act (HIPAA)

  • PHI can include data such as information, including demographic data, that relates to:

    • the individual’s past, present or future physical or mental health or condition,

    • the provision of health care to the individual, or

    • the past, present, or future payment for the provision of health care to the individual,

    • and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual. Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number)

• Health Insurance Policy ID Numbers

• Student directory information that a student has requested not to be disclosed

• Student and employee ID numbers combined with PINs and/or birth dates

• Test questions, scoring and other examination data

• Social Security Numbers

• Personal financial information, including checking or investment account numbers

• Student directory information that a student has requested not to be disclosed

• Student and employee ID numbers combined with PINs and/or birth dates

• School assigned usernames or other account names combined with unencrypted password string

• Student records other than directory information

The GLBA Privacy Rule protects a consumer's "nonpublic personal information" (NPI). NPI is any "personally identifiable financial information" that a financial institution collects about an individual in connection with providing a financial product or service, unless that information is otherwise "publicly available."

• information an individual gives you to get a financial product or service (information on an application)

• information you get about an individual from a transaction involving your financial product(s) or service(s)

• information you get about an individual in connection with providing a financial product or service

Parents or eligible students have the right to inspect and review the student's education records maintained by the school. Schools are not required to provide copies of records unless, for reasons such as great distance, it is impossible for parents or eligible students to review the records. Schools may charge a fee for copies.

Parents or eligible students have the right to request that a school correct records which they believe to be inaccurate or misleading. If the school decides not to amend the record, the parent or eligible student then has the right to a formal hearing. After the hearing, if the school still decides not to amend the record, the parent or eligible student has the right to place a statement with the record setting forth his or her view about the contested information.

Generally, schools must have written permission from the parent or eligible student in order to release any information from a student's education record. However, FERPA allows schools to disclose those records, without consent, to the following parties or under the following conditions (34 CFR § 99.31):

• School officials with legitimate educational interest;

• Other schools to which a student is transferring;

• Specified officials for audit or evaluation purposes;

• Appropriate parties in connection with financial aid to a student;

• Organizations conducting certain studies for or on behalf of the school;

• Accrediting organizations;

• To comply with a judicial order or lawfully issued subpoena;

• Appropriate officials in cases of health and safety emergencies; and

• State and local authorities, within a juvenile justice system, pursuant to specific State law.

The HIPAA Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information "protected health information (PHI)."

“Individually identifiable health information” is information, including demographic data, that relates to:

• the individual’s past, present or future physical or mental health or condition,

• the provision of health care to the individual, or

• the past, present, or future payment for the provision of health care to the individual,

and that which identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual. Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).

The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as:

• a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons. 

In practice, these also include all data which are or can be assigned to a person in any kind of way. For example:

• the telephone, credit card or personnel number of a person, account data, number plate, appearance, customer number or address are all personal data.