Rockwell HallDonald Savage TheaterBuffalo State is located at 1300 Elmwood Avenuecampus in the fallRockwell Hall Performing Arts CenterSports ArenaBurchfield Penney Art CenterMoot HallBarnes and Noble Bookstore

Human Resource Management, Buffalo State College Friday, December 5, 2008
Featured Links

Choices 2009 Booklet

2009 Health Insurance Rates NEW!

Individual Development Awards
July 2, 2008 - July 1, 2009

SUNY Perks NEW!

2008 UUP Discretionary Information

Employment

Revised I-9 Form / I-9 FAQ's
Revised 6/16/08

HRMS-2 Revised 8/6/08

Online access to your health insurance enrollment record

New Hires, Promotions, Retirements

Campus Building Abbreviations

About HR/Contact Us
Site Map
Faculty/Staff Statistics
About Buffalo State


 
Buffalo State College

Guidelines for Maintaining the Security, Confidentiality, and Integrity of Customer Information
In compliance with the Gramm-Leach-Bliley Act and the rules promulgated therein by the Federal Trade Commission, Buffalo State College requires that all employees receive the following guidelines to ensure the security and confidentiality of customer records and information:

Control access to rooms and file cabinets where paper records are kept:

  • All doors to office areas must be locked during non-business hours.
  • Work areas where customer information is processed must be behind locked doors or otherwise secured during business hours.
  • Guests should be escorted in areas where customer information is being processed.
  • Guests should be restricted to areas that do not have customer information in plain view. Conversely, customer information should be kept out of areas accessible to students and the public.
  • File cabinets used to store customer information must be secured in locked areas.
  • Fireproof cabinets used to store promissory notes must be locked during non-business hours.
  • Records containing customer information are to be retained only as long as they are valid, useful, and required to be retained. When no longer needed, paper, microfilm, and microfiche records must be destroyed by shredding. Electronic records must be destroyed according to current guidelines available from Computing and Technology Services. Retention guidelines are available from the Campus Services Office.

Back to top

Control access to information stored electronically:

  • Workstations should be behind locked doors or otherwise secured.
  • Employees should "minimize" any computer windows not in use, to prevent inadvertent breaches.
  • Employees are encouraged to password-protect their workstations when not in use.
  • Employees should use strong passwords for all systems (at least eight characters, alphanumeric).
  • Employees should change their passwords every 60 days or less.
  • Employees must not post passwords on or near their computers.
  • Access to student and employee records systems will be granted only to those employees whose job duties require them to access customer information.

Protect our customers' information:

  • Employees should respond to requests for customer information in accordance with the Family Educational Rights and Privacy Act (FERPA). FERPA questions or potential violations should be referred to the Registrar's Office.
  • Employees should refer to appropriate security policies as needed to ensure compliance.
  • Employees must report any fraudulent attempt to obtain customer information to management, who should then report the attempt to the Vice President for Finance and Management's Office.

Back to top

Source:  Bulletin, Vol. 54, No. 12, November 6, 2008

Copyright © 2001-2008 Human Resource Management, Buffalo State College, 1300 Elmwood Avenue, Cleveland Hall 403, Buffalo, NY 14222
Telephone: (716) 878-4822, FAX: (716) 878-3068
Questions or comments about this site may be sent to the .