UW Privacy Office



Our UW Privacy Office services are not bound to a single organization or a single type of data. They are based on the belief that we should be authentic about the collection and use of individually identifiable information we and the UW hold in our possession. By assessing and balancing privacy risk across organizations and types of data, we connect disparate pieces of information to advise our colleagues and help them make informed decisions for UW. This connection helps UW ensure it has a coherent and universal privacy policy for all those we serve, regardless of relationship with UW. We accomplish this through the following services:

Values and Principles

Establishing privacy principles consistent with UW vision and values.

Risk Balancing Processes

Developing and implementing privacy threshold and impact assessments for documenting risk, enabling solutions that advance UW mission, and assessing risk to individuals’ information.  

Policies, Laws and Regulations

Overseeing and approving privacy related policies, standards, and guidelines that transcend a single unit or type of data. Monitoring regulatory developments and adjusting efforts as necessary.


Assisting UW organizations in evaluating privacy issues presented by information in their academic activities, research projects, and business operations.

Data Classification and Data Requests

Classifying identifiable data as confidential, restricted, or public in accordance with UW Administrative Policy Statement 2.2. University Privacy Policy. Determining risk associated with requests for access, use, or disclosure of identifiable information that cross multiple organizations, compliance areas, or data domains.   

Agreements, Consent processes, Notices, and Transparency Reporting

Providing clarity and consistency of privacy principles in agreements, consent processes, and notices related to the access and use of identifiable information. Developing mechanisms for individuals to know and understand more about UW’s collection, use, and protection of their information.  

Incident Management

Leading incident reviews that involve identifiable information related to a person and making final determination about notification to individuals.  

Additional Services

We will define additional services and resources over time and as the privacy program matures.