UW Privacy Office

About

Last updated on December 13, 2022

ON THIS PAGE:

Privacy at the UW

As we pursue our academic, research, healthcare, and business activities, it is vital that we each understand our academic, humanitarian, ethical, and legal obligations when it comes to individuals’ privacy. Without individuals trusting us with their information, it would be impossible for us to fulfill our mission. We owe it to those we serve to ensure that their personal data are collected and used appropriately.

To learn more about the Privacy Office’s activities and the people who work together to put privacy into action at UW, visit the following pages:

History

Prior to 2017, privacy at the UW was approached in silos or defined by a topic-specific law or regulation. In 2017, the UW established the Privacy Office to create a cohesive University-wide approach to privacy – an approach that governs the appropriate collection and use of personal data in the interest of UW constituents and is reflective of the philosophical, legal, social, and technological concepts that relate to privacy. The creation of the office was essential for the UW to strategically and proactively navigate emerging technologies (e.g., artificial intelligence), address the interoperability of new or changing laws and regulations, and be responsive to privacy expectations of our constituents.

Vision

Our vision is to have a cohesive approach to privacy that promotes trusted relationships and supports the appropriate and responsible use of personal data to further UW’s vision and mission.

Mission

We develop University-wide privacy policies and principles that uphold the UW’s values. We provide support services that help align the UW’s overall approach to protecting privacy and create an institution-wide structure and strategy that unifies privacy at all UW locations.

Scope

UW Privacy Office policies, guidance, and practices apply to all areas of the University; all University Personnel; and all mediums of personal data.

Our focus is on all types of personal data other than data that are solely and uniquely protected health information defined by HIPAA and overseen by the UW HIPAA privacy officials or human subjects research regulated by the Code of Federal Regulations (CFRs) and overseen by the Human Subjects Division.

When data overlaps with multiple laws and regulations, we collaborate closely with the responsible office to provide cohesive advice (when possible). For example, when healthcare data are protected by FERPA and by HIPAA, we coordinate with the HIPAA privacy officials; when research data are protected by the CFRs and the European Union General Data Protection Regulation, we coordinate with the Office of Research.