University Records & Information Management

Record Security and Confidentiality

locked-filesBy default, campus records are considered confidential, and should be protected from unauthorized access.

  • Records containing Personally Identifiable Information (PII) or Personal Health Information (PHI) are considered highly confidential.
  • Records containing student information are protected by FERPA.

Protecting Physical (Paper) Records

  • Highly confidential records should be stored in locked cabinets or rooms.
  • Protect records by not leaving them in an open area when unattended by authorized personnel.

Protecting Electronic Records

  • Access to confidential records should require the use of BYU NetId credentials, and should be encrypted.
    • Box and SharePoint are the recommended repositories for electronic records.
  • Portable storage devices containing highly confidential information should be kept in a locked cabinet or room, and should be encrypted.

Destroying Confidential and Highly Confidential Records

For a pdf of the Record Types discussed in the Record Liaison training, please click here: Record Types