University employees with access to confidential information are responsible for its security. Following are some guidelines:

  1. Confidential information should be locked in a file cabinet or desk drawer when not in use.
  2. Confidential information should never be left unattended. This includes computer desktop devices, which must be signed off when unattended.
  3. Computer passwords must be kept secret, must not be stored in computer files or libraries, must not be shared, nor left near computer terminals, on cabinets, or on bulletin boards.
  4. Confidential information is to be used for authorized purposes only.