Date enacted or revised:
Enacted August 2016
McNeese State University is committed to the protection of personal information of all University students and employees. The purpose of this policy is to address the collection, storage, use and disclosure of the Social Security Numbers (SSNs) and to:
- Eliminate the use of the SSN as a primary identifier for all individuals associated with the university;
- Continue to raise awareness of the confidential nature of the SSN;
- Protect privacy interests;
- Promote confidence among students and employees that SSNs are handled in a confidential manner;
- Provide a consistent policy regarding treatment of SSNs.
A McNeese State University identification number (MSU ID) is assigned to all students, employees, and other individuals with a need to access University services and facilities. The MSU ID is:
- Not the same as, or based upon, the individual’s SSN or other unique demographic information.
- Assigned at the earliest possible point of contact between the individual and the University.
- A replacement for the SSN as a common, unique identifier.
- Used in electronic and paper data systems to identify, track, and provide service to individuals associated with the University.
- Considered the property of the University, and its use and governance shall be at the discretion of the University, within the parameters of the law.
The University collects and stores the SSN as confidential information associated with an individual. SSNs are used when required by law or by state, federal, and law enforcement agencies, when attempting to identify individuals for whom a MSU ID is not known, and to verify information related to an individual.
The SSN may be used as a key to identify historical records given its past use as the primary identifier. SSNs may not be used as a primary identifier in any University system, including an indexing system for imaged documents, unless permission is granted by an appropriate SSN Administrator.
Any transmission of data containing SSNs by University-related individuals over any communication network, including emails, must be transmitted through encrypted mechanisms.
The Registrar serves as the SSN Administrator for student records and is responsible for overseeing Social Security Number usage as it relates to students, prospective students, and alumni. The Director of Human Resources and Student Employment serves as the SSN Administrator for employee records and is responsible for overseeing Social Security Number usage as it relates to employees. The Comptroller serves as the SSN Administrator for records for individuals other than students, prospective students, alumni, and employees associated with the University.
Each Social Security Number Administrator shall be responsible for the following.
- Monitoring compliance with the University’s SSN Policy
- Authorizing the use of SSNs by appropriate persons acting for the University
- Coordinating communications to faculty, staff, and students concerning their rights and responsibilities with regard to collection, maintenance and distribution of SSNs
- Providing support and guidance for offices working with SSNs
- Maintaining a set of disclosure statements for use on University forms and documents that collect SSNs
- Developing a set of standards and guidelines addressing the handling of SSNs in electronic systems
All University forms and documents that request SSNs shall include an approved disclosure statement and will indicate whether compliance with request is voluntary or mandatory. Existing forms and documents shall be modified as they are reprinted. Approved statements shall be available through the appropriate SSN Administrator.
All documents (paper and electronic) and any storage media containing SSNs shall be stored or disposed of in a timely and secure fashion consistent with state, federal and University record retention policies.
SSNs will be released by the University to entities outside the University only as required or allowed by law, when permission is granted by the individual, or when the external entity is acting as the University’s contractor or agent and, in keeping with University policies, adequate security measures are in place to prevent unauthorized dissemination to third parties.
This policy does not preclude, if a primary means of identification is unavailable, University employees from using the SSN as needed during the execution of their duties.
An employee or student who substantially breaches the confidentiality of Social Security numbers may be subject to disciplinary action or sanctions up to and including termination or dismissal in accordance with University policies and procedures.
This information is communicated through the Administrative Advisory Council, the Academic Advisory Council, and the University Policy Page.