UW Privacy Office

Principles

Framework for Aligning UW Values and Privacy Principles with Operations

Values

We uphold the UW’s values to guide decisions about how the processing of personal data (such as, collection, use, storage, and retention) impact the UW and individuals. We demonstrate our values by honoring our commitments to individuals.

Respect We respect individuals’ privacy when we collect and use personal data. We understand that personal data represent and have an impact on individuals and communities.

Integrity We work to maintain, present, and use accurate and reliable personal data in a way that promotes trusted relationships with individuals. 

Diversity We recognize various dimensions of diversity and work to protect individuals’ privacy as we work to pursue UW’s vision. We reflect on what privacy means to different geographic regions, cultures, generations and individuals.

Excellence We hold ourselves to the highest standard of ethics when we use personal data within and on behalf of UW. 

Collaboration We assess the privacy impacts to individuals when collaborating with people and organizations to process personal data. We share personal data within the parameters of federal, state, and international law. Any partners and vendors who collect or process data on our behalf are directed through contracts or other means to protect the privacy of personal data. 

Innovation We may use personal data to enable the UW’s vision for the future, support the individuals we serve, and advance research. Before using personal data in this way, we endeavor to balance and manage the risk to the UW and privacy impact to individuals.

Privacy Principles

Our privacy principles encompass and expand on UW values to help ensure the collection and use of personal data reflects our academic, humanitarian, ethical, and legal obligations. Our use of personal data stems from the purpose for which we collected the data.

Minimization We think carefully about what data are required to fulfill a specific operation, project, or system and collect only the necessary data elements. We only retain personal data as long as needed to fulfill its purpose and consistent with the UW records retention schedules and relevant or applicable law.

Accountability We are accountable for governing and managing the collection, use, and flow of personal data in ways that are consistent with our commitments.

Protection We think carefully about controls to safeguard personal data. Regardless of the form (paper, digital, etc.), this includes: considering de-identification, anonymization, obfuscation; implementing technical controls such as encryption and role-based access; and securing the physical location and storage.

Awareness We endeavor to be transparent about what data are collected, how they are used, how they are shared, and how they are stored. We strive to make choices clear and manageable, and to provide opportunities for individuals to exercise privacy preferences by using either opt-out or opt-in methodologies.