The Privacy Program’s goal is to develop a network of Privacy Pros across the university to keep Ohio State thinking about and upholding our privacy principles. Privacy Pros are faculty or staff members who:
- Spot and work with university teams to address privacy issues in their daily work,
- Collaborate with others around the university to drive solutions that balance privacy and unit strategies,
- Implement and report on their unit’s privacy practices, and
- Have fun while making a difference protecting the privacy of everyone who learns, teaches, works, visits, heals and supports Ohio State.
Want to become a Privacy Pro?
To join, contact the privacy team at firstname.lastname@example.org. We’ll connect with you and share more info.
Will I get any training on how to be a Privacy Pro?
The privacy team will hold regular meetings to talk about privacy issues and information relevant to Privacy Pros. During those meetings, we will provide training on privacy issues and solutions that affect Ohio State as well as discuss emerging privacy issues with others on the team.
What is the different between privacy and security?
Privacy is the collection, use, and sharing of personal information. Security is typically related to the steps taken to secure the container in which personal information data sits. While the two often overlap, there are distinct differences and that is why we approach the two topics both together and separately in our privacy work.
Why are there privacy questions in the security framework?
Our goal of the Privacy Program is to embed privacy across the university in the most streamlined and effective way possible. While integrating privacy into a well-established, university-wide security program will require some work, the approach provides for long-term efficiencies and high impact for Ohio State.
Roles and Responsibilities
Promote Privacy in Your Unit
Privacy Pros implement privacy practices within their unit.
SMS and Texting
Cookies and Trackers
Video and Audio Recordings
Units use and implement a variety of apps and tools that have the capability of recording individuals. Follow the Guidelines for Video and Audio Sharing Tools – Classrooms and Meetings to get started on a privacy impact assessment for these tools.
Processing Personal Information of EU or EEA residents (GDPR)
Conduct Privacy Impact Assessments
When conducting a Privacy Impact Assessment, Privacy Pros consider:
- The Ohio State Privacy Principles, privacy best practices and applicable regulations,
- Privacy notices or statements provided to individuals,
- Privacy practices of third-party solutions or providers who are part of the implementation, and
- Other university policies or requirements.
Report Privacy Control Requirements Attestation
The privacy team has published privacy control requirements as the first step in learning more about units’ privacy practices. Privacy Pros will begin by learning about the privacy control requirements and then how to assess their unit’s privacy practices. Guidance documents and templates will be posted right here to help you along your unit’s privacy journey.
Please note: For FY21 and FY22, the privacy attestation questions are in pilot. The responses to these questions will not factor into the scoring for the information security control requirements attestation (ISCR.a).
Last updated: November 18, 2021