University Information Policy Office, firstname.lastname@example.org
This policy applies to all:
IU will receive, evaluate, and respond to complaints regarding IU’s privacy practices. The process for addressing such complaints may vary depending on the nature of the complaint and whether there are, for example, external regulatory compliance demands or not. The process for addressing such complaints will adhere to the following general principles.
The university will not require an individual to waive his or her right to file a privacy complaint with governmental officials as a condition of providing services.
Individuals will not be subject to acts of retaliation for filing a privacy-related complaint or engaging in other such protected activities, consistent with applicable federal and state laws as well as university policy.
The university will cooperate with government officials who receive and investigate privacy complaints regarding IU’s policies, procedures or practices as they relate to compliance with applicable law.
Nothing in this policy is meant to nor shall it be construed to be inconsistent with applicable university policy, state, or federal law
Indiana University has adopted privacy-related policies and procedures applicable to all members of the university community and strives to implement safeguards to address privacy issues consistent with the university mission and environment, applicable legal requirements and professional standards, generally accepted privacy norms, and available resources.
The purpose of this policy is to outline Indiana University's approach to providing a mechanism for individuals to submit complaints regarding IU’s privacy practices. The policy also describes how the university will address such complaints.
Where required by law or regulation, the university will inform individuals, through the method stipulated in the law, of their right to make a privacy complaint to IU and/or applicable government or regulatory officials.
Complaints focusing on any of the following areas may be submitted regarding: (i) IU’s privacy policies and procedures; (ii) compliance with those policies and procedures; (iii) concerns related to the use, disclosure and protection of personally identifiable information; or (iv) concerns related to physical privacy. All such complaints must contain a brief description of the surrounding circumstances as well as the alleged violation of policy, procedure or legal requirement.
Individuals are encouraged to work directly with the management of the unit where the privacy concern is experienced. If the response by the unit is not satisfactory, individuals may report privacy complaints to the most relevant IU privacy official for the type of complaint; however, when in doubt as to which is the most relevant, complaints may be submitted to any of the university’s privacy officials. The receiving privacy official will transfer the complaint to the most relevant official as appropriate.
Indiana University will handle reports of misuse and abuse of information and information technology resources in accordance with existing policies and procedures issued by appropriate authorities. Depending on the individual and circumstances involved this could include the offices of Human Resources, Vice Provost or Vice Chancellor of Faculties (or campus equivalent), Dean of Students (or campus equivalent), Office of the General Counsel, and/or appropriate law enforcement agencies. See policy IT-02, Misuse and Abuse of Information Technology Resources for more detail.
Failure to comply with Indiana University information technology policies may result in sanctions relating to the individual's use of information technology resources (such as suspension or termination of access, or removal of online material); the individual's employment (up to and including immediate termination of employment in accordance with applicable university policy); the individual's studies within the university (such as student discipline in accordance with applicable university policy); civil or criminal liability; or any combination of these.