The Privacy Office promotes an organizational culture that provides exceptional leadership and oversight to Penn State faculty, staff, and students so they may conduct business operations and activities with privacy at the forefront. We commit to compliance with local and regulatory requirements and University policies, standards, and guidelines pertaining to data privacy.
Penn State's Privacy Principles
Privacy Principles will inform University and unit business decisions that may impact individuals’ privacy. These Principles are designated to help units identify and develop proportionate and effective measures to ensure that individuals’ privacy is respected.The Principles
Requires a baseline set of standards for organizations that process personal information.
Establishes consumer privacy rights and security measures for consumer information.
Keeps your protected health information (PHI) private.
Notifies individuals of security breaches that affect personally identifiable information.
Privacy Impact Assessment
Analyzes how a unit collects, uses, shares, and maintains identifiable information on behalf of Penn State.
Penn State's Policy AD53 establishes a framework for compliance and responsibility regarding privacy and the protection of an individual’s personal information.
Penn State's Policy AD22 describes the responsibilities of The Pennsylvania State University (“University”) under the Health Insurance Portability and Accountability Act of 1996 and its implementing federal regulations (collectively, “HIPAA”).
Partnering together to ensure privacy is at the forefront of the University community.
Holly Swires, Chair
Chief Privacy Officer
HIPAA Privacy Officer
Kelly M. Austin
VP, Commonwealth Campuses and Executive Chancellor
Chief Information Security Officer
Associate VP, Student Affairs
Renata S. Engel
Vice Provost for Online Education
VP and Dean for Undergraduate Education
Associate General Counsel
Assistant Vice President for Undergraduate Education; University Registrar
Chief Ethics and Compliance Officer
Assistant VP; Risk Management
Privacy Officer, Penn State Health
Associate Director, Internal Audit
Interim Executive Vice President; University Provost
Dean and Professor, College of Information Science and Technology
Director University Police & Public Safety/Physical Security
Vice President for Outreach
Interim VP, Human Resources
Senior Vice President, Finance and Business; Treasurer
Associate Vice President for Research; Director, Research Protections
Records Management Officer
It is recommended if you work with personally identifiable information (PII), personal information, or sensitive information that you take the data privacy training. For more training on Penn State’s Privacy Program and data privacy go to the Learning Resource Network (LRN), log-in using your Penn State account, and search “Data Privacy at Penn State."
The HIPAA Privacy Rule Training is required annually for all workforce members of the designated HIPAA Covered Components. To access the training for employees, go to the Learning Resource Network (LRN), log-in using your Penn State account, and search “HIPAA Privacy Rule Training.
Please contact the Privacy Office for more information.