Privacy Principles

Indiana University must balance individual freedom and privacy with the need to serve or protect other core values and operations within the university.

How can you strive to ensure a business process, service, or project is implemented in a way that reduces or avoids causing privacy harms, as much as feasible?

Consider and apply the following privacy principles, particularly related to interactions with individuals whose information is collected, used, disclosed and retained by Indiana University:

Notice Principle
Informs the individual about privacy policies and procedures and identifies the purposes for which the individual's information is collected, used, disclosed and retained (sometimes referred to as the Purpose Specification or the Openness Principle).
Choice & Consent Principle
Obtains implicit or explicit consent from the individual with respect to the collection, use, disclosure and retention of the individual's information, particularly if that information is to be used for a secondary purpose or disclosed to a third party (sometimes referred to as the Objection Principle).
Collection Limitation Principle
Collects only the information needed to achieve the purposes identified by the business unit in support of the university's mission, and as outlined in the notice.
Use & Retention Principle
Uses the individual's information only as outlined in the notice, and keeps the information only as long as necessary to fulfill the stated purposes.
Disclosure Limitation Principle
Discloses the information to third parties only as outlined in the notice and as consented to by the individual either implicitly or explicitly.
Access Principle
Provides access to the individual to review and update or correct his or her information (sometimes referred to as the Participation Principle).
Monitoring & Enforcement Principle
Monitors compliance and has procedures to address complaints and disputes (sometimes referred to as the Recourse or the Redress Principle).

These privacy principles are adapted for IU from:

Privacy-related Blog Posts

  • Planning on purchasing a new iPhone 5s? Perhaps think twice about enabling the new fingerprint authentication offered by the device and iOS 7. And, while it's effective to worry about security & reliability, this time, it may not be the hackers you worry most about.
  • We finished our "12 Domains in 12 Months" awareness initiative!
  • New document on Identity Verification provides advice on how to verify that a person is who he says he is
  • In honor of Data Privacy Day 2013, Matt Ivester’s digital citizenship book, l