Confidentiality Agreement - Digital Media System Administrators

Last updated 07/01/22

Systems: Panopto

A confidentiality agreement must be signed at the time of employment with ITCS or upon substantive changes to the agreement and require annual review. Since department  administrators of IT systems may have increased access and privileges, they must also agree to the conditions outlined in this agreement.

As an administrator providing digital media support, you will have access to restricted use and confidential information. Examples of such information include but are not limited to student grades, student work, course content, assessments and login IDs.

As a condition of the digital media administrator role:

1. I am required to accept responsibility to preserve the complete confidentiality of information.
2. I am required to protect against unauthorized access to such information, to ensure the security and privacy of such information and to report any anticipated threats or hazards to such information.
3. I must not release this information to the public or to other individuals including but not limited to university employees who do not have authorization to access such information or who do not have a legitimate institutional or business need.

If there are inquiries concerning the release of such information to another person, under no circumstances will I release such information without first receiving authorization from the appropriate authority within ITCS. First point of contact for the request is the ITCS administrator for the appropriate system.

Unauthorized access includes but is not limited to:

1. Access to student, employee, clinical or university information not essential to carry out job responsibilities.
2. Non-business or non-institutional access to data records. This includes access to data for my personal knowledge, for myself, my children, spouse, parents and other relatives as well as friends, acquaintances and co-workers.
3. Release of information to unauthorized internal or external users.
4. Release of additional or excessive information to an authorized individual/agency than is essential to meeting the stated purpose of an approved request.

Information may not be divulged, copied, posted, released, sold, loaned, reviewed, altered or destroyed except as properly authorized by the appropriate university official within the scope of applicable federal or state laws and university policies and procedures.

Further, I agree to abide by and enforce:

• Family Educational Rights & Privacy Act of 1974 (FERPA). I have taken the FERPA training and quiz in PiratePort.
• All ECU policies and procedures regarding security and confidentiality currently in effect or which may be implemented or revised from time to time.

Given the elevated level of access within a digital media system, I agree that I will not:

• Increase the access level of another user.
• Abuse the access privileges granted to me.
• I will only access course content to provide technical support upon request.

I have discussed any questions I have about these statements with my supervisor, and I understand the significance of IT roles, the importance of confidentiality in these roles and agree to adhere to the confidentiality statements above.

As evidenced by the acknowledgements I accepted when submitting the Admin Access Request, I recognize that a violation of the above conditions may constitute grounds for disciplinary action, up to and including termination of employment or contract.