56.50 - Data Transparency (TR)

Return to policies website

Policy Statement
TTUHSC El Paso shall implement methods for disclosing data privacy practices and activities for consumer-related data.

Reason for Policy
The purpose of the Data Transparency (TR) policy is to implement TTUHSC El Paso's method for disclosing information practices and activities for consumer data.

Entities Affected by this Policy are any and all users of Information Resources at TTUHSC El Paso.

What is covered in this Policy?
The overall policy addresses the Institutional stance as it applies to Privacy notice, safe harbor, and dissemination of privacy program information.

It is the stance of TTUHSC El Paso to ensure that there are safeguards in place aligned with NIST 800-53 and TAC 202 to ensure the protection, integrity, and confidentiality of information resources at TTUHSC El Paso.

Who Should Read this Policy?
All individuals accessing, storing, viewing any TTUHSC El Paso information resources.

What happens if I violate this policy?
Any person(s) violating TTUHSC El Paso Information Technology policies are subject to penalty under federal, state, and local legislation. Disciplinary actions are further outlined in HSCEP OP 56.50 Sanctions Policy.

 

TR-01: Privacy Notice

TTUHSC El Paso provides effective notice to the public and to individuals regarding;

  • It's activities that impact privacy, including its collection, use, sharing, safeguarding, maintenance, and disposal of PII;
  • Authority for collecting PII;
  • The choices, if any, individuals may have regarding how the organization uses PII and the consequences of exercising or not exercising those choices; and
  • The ability, if any, to access and have PII amended or corrected if necessary.

Where technically feasible and a business reason exists, data/process owners are required to implement mechanisms to provide notice to the public and to individuals regarding:

  1. Activities that impact privacy, including its collection, use, sharing, safeguarding, maintenance, and disposal of PII;
  2. The choices, if any, individuals may have regarding how the organization uses PII and the consequences of exercising or not exercising those choices; and
  3. The ability, if any, to access and have PII amended or corrected if necessary.

 

TR-03: Dissemination of Privacy Program Information

TTUHSC El Paso:

  • Ensures that the public has access to information about its privacy activities and is able to communicate with its Chief Privacy Officer (CPO); and
  • Ensures that its privacy practices are publicly available through organizational websites or otherwise.

TTUHSC El Paso's compliance department is responsible for disseminating privacy program information.

 

All other IT Policies can be found at https://ttuhscep.edu/it/policies/

 

  1. UK Data Protection Act of 1998 (Chapter 29 - Schedule 1 - Principles 8)
  2. HSCEP 56.50 Sanctions Policy
  3. TAC §202.73, §202.74, §202.75

 

Revised May 2018