Privacy

The Privacy Office promotes an organizational culture that provides exceptional leadership and oversight to Penn State faculty, staff, and students so they may conduct business operations and activities with privacy at the forefront. We commit to compliance with local and regulatory requirements and University policies, standards, and guidelines pertaining to data privacy.

Penn State's Privacy Principles

Privacy Principles will inform University and unit business decisions that may impact individuals’ privacy. These Principles are designated to help units identify and develop proportionate and effective measures to ensure that individuals’ privacy is respected.

The Principles

Services

GDPR

Requires a baseline set of standards for organizations that process personal information.

blue locks with one unlocked red lock on 1s and 0s background

GLBA

Establishes consumer privacy rights and security measures for consumer information.

HIPAA

Keeps your protected health information (PHI) private.

PII

Notifies individuals of security breaches that affect personally identifiable information.

hands typing on keyboard of laptop with keyhole shield floating above

Privacy Impact Assessment

Analyzes how a unit collects, uses, shares, and maintains identifiable information on behalf of Penn State.

Privacy Policies

: Penn State's Policy AD53 establishes a framework for compliance and responsibility regarding privacy and the protection of an individual’s personal information.
: Penn State's Policy AD22 describes the responsibilities of The Pennsylvania State University (“University”) under the Health Insurance Portability and Accountability Act of 1996 and its implementing federal regulations (collectively, “HIPAA”).

Privacy Council

Partnering together to ensure privacy is at the forefront of the University community.

Holly Swires, Chair
Chief Privacy Officer
HIPAA Privacy Officer
hzl104@psu.edu

Todd Camp
Senior Director of Administration, Commonwealth Campuses and Chief Administrative Officer, Harrisburg campus

David Horton
VP; Information Technology and Chief Information Officer

Kyle Crain
Interim Chief Information Security Officer

Andrea Dowhower
VP; Student Affairs

Renata S. Engel
Vice Provost for Online Education

Jeff Adams
Interim Vice Provost and Dean for Undergraduate Education

Jennifer Jacobs
Associate General Counsel

Robert Kubat
Assistant Vice President for Undergraduate Education; University Registrar

Amber Grove
Chief Ethics and Compliance Officer

Bill Raab
Assistant VP; Risk Management

Cheri Remmert
Privacy Officer, Penn State Health

Travis Schenck
Associate Director, Internal Audit

Tracy Langkilde
Interim Executive Vice President; University Provost

Andrea Tapia
Dean and Professor, College of Information Sciences and Technology

Aliana Steinbugl
Director University Police & Public Safety/Physical Security

Larry Terry
Vice President for Outreach

Jennifer Wilkes
VP; Human Resources

Sara Thorndike
Senior Vice President, Finance and Business; Treasurer

Debra Thurley
Associate Vice President for Research; Director, Research Protections

TBD
Records Management Officer

Training

It is recommended if you work with personally identifiable information (PII), personal information, or sensitive information that you take the data privacy training. For more training on Penn State’s Privacy Program and data privacy go to the Learning Resource Network (LRN), log-in using your Penn State account, and search “Data Privacy at Penn State."

The HIPAA Privacy Rule Training is required annually for all workforce members of the designated HIPAA Covered Components. To access the training for employees, go to the Learning Resource Network (LRN), log-in using your Penn State account, and search “HIPAA Privacy Rule Training.

Please contact the Privacy Office for more information.

Privacy Office

privacy@psu.edu