Gathering Sensitive Information (Social Security numbers, student numbers, credit cards, etc)
University policy prohibits using non-secure forms to collect sensitive information, such as social security numbers, student numbers, or credit card numbers. Forms requesting this type of information need to be stored on a secure server, and data may not be sent via e-mail or stored in a .csv file on a secure server. The IT-Client Services Web Team and IT-AIS- Data Access Team can provide assistance in setting up proper forms for sensitive data. For more information, contact the IT-Client Services Webteam.
In addition, UNI Web Policy mandates any transactions that require secure communications (such as in the use of social security, pin, or credit card numbers over the internet), must receive the approval of the Office of the Chief Information Officer that the transmission, storage, and use of such data meets standards for security and privacy, such as using Secure Socket Layer (SSL).
