Identity Theft Protection Committee: PII Use Request

Support

An ITCS technician will respond to support requests during regular operating hours.

 Phone: 252.328.9866 / 800.340.7081

IT Help Desk Chat

Submit a Ticket

 Questions concerning the requirements of this regulation should be directed to the ITPC at ITPC@ecu.edu.

Overview

To ensure compliance with legal requirements governing Social Security Numbers (SSNs) and Personally Identifiable Information (PII), ECU established the Identity Theft Protection Committee (ITPC) to oversee the collection, segregation, disclosure and security of SSNs and PII and the development of related policies/regulations.

North Carolina passed the Identify Theft Protection Act of 2005 in December 2005. Although this act is focused on protecting financial information, it also addresses the protection of personal information that can be used to gain access to that information. Due to this fact, the university falls under this legislation. Below is a summary of the major impact:

  1. Social Security Numbers (SSNs) may not be transmitted over the internet in unencrypted form.
  2. SSNs may not be used for authentication without other identifying information.
  3. SSNs may not be printed on any material mailed to an individual unless specifically required by federal law.
  4. Individuals must be notified of security breaches when there's a reasonable likelihood that their "identifying information" has been compromised.
  5. Identifying information covers a wide range of data, including SSNs, bank account numbers, driver's license numbers, biometric data (fingerprints), passwords, and parent's legal surname prior to marriage (often used by financial institutions as a form of authentication).
  6. A violation of this act can result in significant monetary damages, exposure of personal information that could result in damages to the individual, and security breaches that could tarnish the reputation of the university.

Related Links

Available To

Faculty, Staff

Get Started

Submit this request for approval to collect, store, use or disclose Social Security Numbers or other Personally Identifiable Information (PII) subject to the North Carolina State Privacy and/or Identity Theft Protection Act(s).

ITPC Request Process

  1. Submit this ITPC PII Use Request form for approval to collect, store, use or disclose SSNs or other PII subject to the North Carolina State Privacy and/or Identity Theft Protection Act(s).
  2. The ITPC reviews your request and may contact you with any questions.
  3. Submit a Technology Security Assessment request if new or unapproved technology will be used to process or store the PII in your request (e.g., software, devices, services, online service, etc.). Security concerns help determine approval of your request.
  4. The request is presented at the next available committee meeting for final approval. You may be asked to attend to address concerns from ITPC members.

Allow at least 30 days for the entire process.

Note: The submission of this request does not equate to approval.

Related Policies and Guidelines

ECU’s SSN/PII policy was initially approved in 2007 and updated to a Regulation on July 20, 2012. This regulation states that SSN and PII information may only be collected, used and/or disclosed by ECU and its employees and agents as permitted by applicable law and university policy and only in furtherance of legitimate university business.

Fees

No fees are associated with this service.

 
Submit a Ticket

Details

22777
Created
Thu 9/14/17 9:10 AM
Modified
Fri 11/8/19 4:09 PM