Skip to content

Private Information

Information can be broken into three categories: 

  • High-Risk – Data that could be used to steal an individual's identity or cause harm to the individual, and for which there are legal requirements or industry standards prohibiting or imposing financial penalties for unauthorized disclosure. Data covered by Gramm-Leach Bliley Act (GLBA) and Payment Card Industry (PCI) are in this class.
  • Restricted – Information assets for which there are legal requirements prohibiting or imposing financial penalties for unauthorized disclosure.  Data covered by federal and state legislation, such as Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability and Accountability Act (HIPAA), Government Records Access and Management Act (GRAMA), or the Data Protection Act, are in this class.
  • Confidential – Data that the College has determined should be protected because it may expose the College to loss if disclosed, but is not protected by federal or state legislation. For example a user ID in combination with a password is considered to be confidential.

The following is a compiled list of PII from various college sources.

This list is not exhaustive and should only be used as a reference for purposes of data protection. Data protection is the implementation of administrative, technical or physical measures to guard against the unauthorized access to data. 

Employee Information 

  • Social security number
  • Birth date/place
  • Home phone number
  • Home address
  • Health records
  • Passwords
  • Gender
  • Ethnicity
  • Citizenship
  • Citizen visa code
  • Veteran and disability status

Non-directory Student Information
May not be released except under certain prescribed conditions. Non-releasable information includes: 

  • Social security number
  • Student ID
  • Courses taken
  • Number of course units enrolled
  • Schedule
  • Last school attended
  • Test scores
  • Advising records
  • Educational services received
  • Disciplinary actions
  • Student e-mail
  • Grades and/or grade point average

Protected Patient Health & Research Identifiers 

  • Name
  • All geographic subdivisions smaller than a state (street address, city, county, precinct) Note: zip code or equivalents must be removed, but can retain first three digits if the geographic unit to which the zip code applies if the zip code area contains more than 20,000 people.
  • For dates directly related to the individual, all elements of dates, except year (date of birth, admission date, discharge date, date of death).
  • All ages over 89 or dates indicating such an age, except that you may have an aggregate category of individuals 90 and older.
  • Telephone number
  • Fax number
  • Email address
  • Social security number
  • Medical record number
  • Health plan number
  • Account numbers
  • Certificate or license numbers
  • Vehicle identification/serial numbers, including license plate numbers
  • Device identification/serial numbers
  • Universal resource locators
  • Internet protocol addresses
  • Biometric identifiers
  • Full face photographs and comparable images
  • Any other unique identifying number, characteristic or code

Financial/Credit Cards 

Any information obtained during the offering or delivery of a financial product or service that is identifiable to an individual such as:

  • Name
  • Address
  • Phone number
  • Account balances
  • ACH numbers
  • Bank account numbers
  • Credit card numbers
  • Credit rating
  • Location of birth
  • Driver's license information
  • Income history
  • Payment history
  • Tax return information

Any information obtained during the processing of a credit card payment transaction that identifies individual consumers and their purchases, such as:

  • Account number
  • Expiration date
  • Name
  • Address
  • Social security number

Other 

  • Legal investigations conducted by the College
  • Sealed bids
  • Trade secrets or intellectual property such as research activities
  • Location of assets
  • Linking a person with the specific subject about which the library user has requested information or materials.