Directly disclosing or providing critical information elements to a person outside IU — verbally, on paper, or electronically — is a disclosure. Sharing or disclosure of critical information is sometimes necessary, or even required by law, to complete a business transaction. Through IU policy DM-02: Disclosing Institutional Information to Third Parties, two processes have been designed to provide the necessary resources for departments to select solutions that meet their needs while minimizing threats to IU data:
Other Authorized Disclosures
In many instances, particularly when a SSN is included, you need to obtain an individual’s express written consent for sharing or disclosure. Documents should expressly indicate that their SSN is being disclosed.
Requests/demands from law enforcement, or from the public under the Indiana Access to Public Records Act, should be forwarded to the Office of the Vice President and General Counsel immediately.