California State University, Chico University Advancement
Confidentiality Agreement
University Advancement has been entrusted with highly confidential information regarding alumni, parents, students and
friends of the University. In response to this trust and federal FERPA guidelines, the University insists on strict compliance
of confidentiality when using such information. This policy applies to all employees, including part-time, temporary,
contractual, and student assistants. Each data recipient is personally responsible for the protection of all information to
which they have access to.
SECTION TO BE COMPLETED BY EMPLOYEE
I certify that I have read and understand the attached "Summaries of Provisions of the California Information Practices Act
of 1977 and California Penal Code Section 502."
I certify that, in order to ensure the privacy and security of data, I agree to:
Access, distribute, share, and retain confidential data only as authorized and as needed to conduct campus
business as required to perform my job duties
Store under secure conditions all confidential data that I retain and ensure its confidential and timely destruction
when no longer needed to conduct campus business as required by my job
Respect the confidentiality and privacy of individuals whose data I access
Observe any ethical restrictions that apply to data to which I have access
Protect confidential information located at my workstation.
Report immediately to my supervisor any and all apparent and suspected security breaches
Comply with all department and campus security policies and procedures
I certify that I agree NOT to:
Change any data in any record in any database, except that data which I am directed to change.
Discuss verbally or distribute in electronic or printed formats any confidential data except as authorized and as
needed to conduct campus business as required to perform my job duties
Make unauthorized copies of confidential data
Knowingly falsely identify myself
Gain or attempt to gain unauthorized access to confidential data or University computing systems
Share my user ID(s) and password(s) with anyone nor use anyone else's user ID(s) or password(s), except as
authorized
Leave my workstation unattended and unsecured while logged-in to University computing systems
Use or allow other persons to use University data for personal gain
Engage in any activity that could compromise the security or confidentiality of data held in University records
I certify that I have read this Confidentiality Agreement and that I understand it. Failure to respect the confidential nature
of any or all information used or acquired by the University may result in disciplinary action being taken against me,
including termination from employment. I understand the University retains the right to pursue prosecution when misuse
of information or resources is determined.
Employee Name Employee Signature Date
Employee Username:
SECTION TO BE COMPLETED BY SUPERVISOR
My signature below certifies that the above employee, who is under my supervision, may require access to personally
identifiable information and/or other confidential data about students, faculty, staff, alumni, applicants, patrons,
contributors, or other individuals in the performance of his or her job duties.
Supervisor Name
Supervisor Signature
Date
Last Revised: 9/2/2016
Summaries of Provisions
California Information Practices Act of 1977 & California Penal Code Section 502
INFORMATION PRACTICES ACT OF 1977
Article 10. Penalties
1798.55 - The intentional violation of any provision of this chapter or any rules or regulations adopted thereunder, by an
officer or employee of any agency shall constitute a cause for discipline, including termination of employment.
1798.56 - Any person who willfully requests or obtains any record containing personal or confidential information from an
agency under false pretenses shall be guilty of a misdemeanor and fined not more than five thousand dollars ($5,000), or
imprisoned not more than one year, or both.
CALIFORNIA PENAL CODE SECTION 502
Section 502 is intended to provide protection to individuals, businesses, and governmental agencies such as Chico State
University from tampering, interference, damage, and unauthorized access to lawfully created computer data and
computer systems.
502 Computer crimes - Status as felonies:
(b) Any person who intentionally accesses or causes to be accessed any computer system or computer network for the
purpose of (1) devising or executing any scheme or artifice to defraud or extort, or (2) obtaining money, property, or
services with false or fraudulent intent, representations, or promises shall be guilty of a public offense.
(c) Any person who maliciously accesses, alters, damages, or destroys any computer system, computer network, computer
program, or data shall be guilty of a public offense.
(d) Any person who violates the provision of subdivision (b) or (c) is guilty of a felony and is punishable by a fine not
exceeding five thousand dollars ($5,000), or by imprisonment in the state prison for 16 months, or two or three years,
or by both such fine and imprisonment, or by a fine not exceeding two thousand five hundred dollars ($2,500), or by
imprisonment in the county jail not exceeding one year, or by both such fine and imprisonment.
-- End of Summaries --
ADDITIONAL INFORMATION SOURCES
Further information on applicable state and federal laws can be obtained at the following web site locations:
Information Practices Act of 1977 http://www.privacyprotection.ca.gov/ipa.htm
California Code of Regulations - Title V http://ccr.oal.ca_gov
Family Educational Rights and Privacy Act (FERPA) http://www.ed.gov/offices/OM/fpco/ferpa/
CSU Coded Memorandum HR2002-27 - Requirements for Protecting Confidential Data
http://www.calstate.edu/HRAdm/pdf2002/HR2002-27.pdf
CSU Coded Memorandum HR2003-5 - Requirements for Protecting Confidential Data - Updated
http://www.calstate.edu/HRAdm/pdf2003/HR2003-05.pdf
CSU Records Access Manual (February 2003) http://www.calstate.edu/Gc/Docs/Records_Access_Manual.doc
CHICO STATE UNIVERSITY APPROPRIATE USE POLICY
The Chico State University Appropriate Use Policy is available on the Chico State University web site at:
http://www.csuchico.edu/itss/top-nav/policies/acceptable-use.shtml
Last Revised: 9/6/2016