CSUSM complies with the ICSUAM poilcy regarding privacy of personal information:
Effective Date: 4/19/2010 | Revised Date: 4/19/2010
The CSU Information Security policy provides direction and support for protecting the privacy of personal information managed by the C SU and guidance for collecting and accessing personal information.
All users of campus information systems or network resources are advised to consider the open nature of information disseminated electronically and must not assume any degree of privacy or restricted access to information they create or store on campus systems. The CSU is a public university and information stored on campus information systems may be subject to disclosure under state law. No campus information system or network resource can absolutely ensure that unauthorized persons will not gain access to information or activities. However, the CSU acknowledges its obligation to respect and protect private information about individuals stored on campus information systems and network resources.
To comply with state and federal laws and regulations, campuses may not collect personally identifiable information unless the need for it has been clearly established.
Where such information is collected:
Except as noted elsewhere in CSU policy, information about individuals stored on campus information systems may only be accessed by:
When appropriate, authorized CSU personnel following established campus procedures may ac cess, modify, and/or disclose information about individuals stored on campus information systems or a user’s activities on campus information systems or network resources without consent from the individual. For example, CSU may take such actions for any of the following reasons:
If CSU personnel accesses, modifies, and/or discloses information about an individual and/or his/her activities on campus information systems or network resources, staff will make every reasonable effort to respect information and communications that are privileged or otherwise protected from disclosure by CSU policy or applicable laws .
Campuses are advised to consult the CSU Records Access Manual to determine which records must be made available for public inspection under the California Public Records Act.
Individuals who access or store protected data must use due diligence to prevent unauthorized access and disclosure of such assets.
Browsing, altering, or accessing electronic messages or stored files in another user’s account, computer, or storage device is prohibited, even when such accounts or files are not password protected, unless specifically authorized by the user for CSU business reasons. This prohibition does not affect: