Information Technology Standard - HIPAA File Storage in Box - Policy

POL-COM4819

The purpose of this standard is to define approved methods for using box.com to ensure the integrity and confidentiality of protected health information (PHI) and other Pacific University confidential information while at rest and during transmission. This standard applies to all data that is considered Pacific University confidential information, including PHI, and is being stored in Box, regardless of its storage duration.

Business and instructional needs may require the storage of PHI in the box.com file storage and sharing service (Box). Box provides tools to ensure that PHI remains private and secure. This standard is designed to provide guidelines to Box users who are storing, sharing or accessing PHI in Box, to make best use of those tools to ensure the integrity, privacy and security of that information.

PUNet ID required to review
Updated September 2023

Tuesday, Feb. 9, 2016

Information Technology Standard – Workstation Configuration Policy

POL-COM4821

This standard establishes a consistent set of minimum security measures required for computer workstations used within Pacific University. This standard also addresses standards for vendor and personally owned workstations when they are connected to Pacific University’s systems and networks.The elements of this standard include requirements for installation and configuration, access control, physical security, document storage, logging and monitoring, and change management. Pacific University security standards are based upon industry standards, HIPAA, National Institute of Standards & Technologies (NIST) security guidelines, and existing Pacific University policies on Information Security.

This standard applies to all Clinical workstation connected to the Pacific University network. All clinical workstations deployed run Windows and will be configured to policy requirements.

Updated 3-08-2022

PUNet ID required to review

Wednesday, Nov. 14, 2018

Intellectual Property Policy

The creation, and use, of intellectual property is at the core of the academic enterprise at Pacific University. The intellectual contributions of faculty, staff and students to the University community enrich our common knowledge, and they foster our shared spirit of innovation. More information on copyright law and guidelines can be found through the United States Copyright Office.

IT Guidelines and Policy for International Travel | UIS

POL - UIS4500

International travel significantly increases the risks of theft or loss of IT equipment and of malware infection that can compromise accounts.  This policy helps to manage these risks and thus manage the risk to university protected data and records. There are also potential legal issues surrounding traveling with encryption and this policy helps manage risk of legal action to the university or its employees.

Tuesday, May 15, 2018

Job Shadow Agreement for Minor - Form

FRM-COM4822

Required document for providing a Job Shadow opportunity as a learning experience to a minor student. Form must be signed.

Updated 3-8-2022

PUNet ID required to review

Wednesday, Nov. 7, 2018

Keys Policy

POL - U1022

The appropriate administrative head may authorize a key or keys to an employee for her/his office, classroom and building. The administrative head authorizing the keys is also responsible to make sure the keys are returned upon termination of the employee.

Key authorization forms are available from Facilities Management and on their website. The employee assumes responsibility for the security of the various keys he/she will need. Each key is for personal use in discharge of assigned duties. Under no circumstances will an individual have keys duplicated or permit them to be duplicated unless written permission has been granted by the Facilities Department.

Friday, June 1, 2018

Language Services Policy

POL - COM4841

The purpose of this policy is to establish language proficiency requirements for Providers in accordance with OHA 333.002.0250.

Pacific University will allow Providers to interpret from English to the target language, when arranging for or providing services to a person with Limited English Proficiency (LEP), when the Provider meets the proficiency standard, prior to acting as interpreter. Patient requests for a certified or qualified interpreter from the Health Care Interpreters Registry will be honored by Pacific University.

This policy applies to Providers within Pacific University’s Healthcare Clinics. Pacific University is a hybrid entity. Only the health care component (i.e., the covered functions) of Pacific University must comply with this policy. All references in this policy to “Pacific University” shall be construed to refer only to the health care components of Pacific University.

Updated October 2024.

Thursday, Sept. 29, 2022

Library Privacy Policy

POL-LIB2601

Pacific University Libraries are committed to respecting users’ privacy and acknowledge the role that privacy plays in fulfilling the Libraries’ mission to advance critical inquiry, collaborative learning, and knowledge creation. This policy’s purpose is to inform users about: 

  • How the Libraries handle personally identifiable information that may be collected
  • Actions the Libraries take in order to protect users’ privacy
  • Users’ rights while engaging with Libraries’ resources

This policy only applies to the Libraries’ website and any other web service hosted on behalf of the Libraries and does not cover any external service or site, even if it is linked from the Libraries’ resources.

Monday, Oct. 19, 2020

Loan/Work Study Change Request

If you would like to change the amount of your work study award, Federal Direct Loan(s) and/or private loan, indicate the requested change(s) on this form and return to the Office of Financial Aid. Our ability to change loan amounts is limited. 

Mandatory Reporting

Effective January 1, 2013, employees of Oregon public and private higher education institutions are considered by law to be mandatory reporters of child abuse for minors. 

Mentoring Program for New Faculty Members | CAS

Wednesday, Aug. 6, 2014

Minimum Necessary Policy

POL-COM4823

The purpose of this policy is to establish Pacific University's compliance with federal HIPAA regulations 45 CFR §§ 164.502(b) and 164.514(d), which require covered entities to make reasonable efforts to limit the use and disclosure of PHI to the minimum necessary. Information systems, including electronic health records contain more protected health information (PHI) than may be needed for a given purpose or disclosure. This policy governs the use and disclosure of PHI so that only the minimum amount of PHI is used when needed.

The scope of this policy is all workforce members of Pacific University’s health care component. Pacific University is a hybrid entity. Only the health care component (i.e., the covered functions) of Pacific University must comply with this policy. All references in this policy to “Pacific University” shall be construed to refer only to the health care component of Pacific University.

PUNet ID required to review
Updated April 2023

Tuesday, Feb. 11, 2020

Mobile Device Policy | UIS

POL-UIS4511

Workforce members of Pacific University are generally not issued smart phones or similar mobile devices, which have the ability to connect to the Pacific network and download data. To support mobile access for the workforce, Pacific has adopted a "bring your own device" (BYOD) approach, which permits workforce members to utilize personally owned devices to access Pacific email, calendar, contacts and other resources. This policy applies to both personally owned devices and Pacific-owned devices.

The use of personally owned mobile devices to access Pacific data remotely might inevitably lead to users storing Pacific data on their personally owned devices. While Pacific determines the financial and technical feasibility of implementing technical controls and mobile device security enhancements, the university has adopted the measures described in this policy to safeguard university Protected Data.

PUNID required to review policy.

Revised 2/8/2022

Tuesday, Jan. 29, 2019

Non-Retaliation/Non-Retribution Policy

POL-HRLEG5002

Pacific University promotes the highest standard of ethical and legal conduct. The Code of Conduct, policy and procedures for all workforce members guide this effort. Pacific University promotes open dialogue between members of the Pacific University community, and encourages workforce members to report problems, concerns, opinions without fear of retaliation or retribution.

The University will use best efforts to protect workforce members against retaliation or retribution from reporting actual or potential wrongdoing, including actual or potential violation of law, regulation, policy or procedure.

All workforce members are responsible for promptly reporting actual or potential wrongdoing, including an actual or potential violation of law, regulation, policy or procedure. Workforce members who report concerns in good faith will not be subjected to retaliation, retribution or harassment.

Pacific University maintains an “open door policy” to allow individuals to report problems and concerns. Reports can be submitted in person, by mail, by phone or email to any person in leadership within Pacific University, including:

General Counsel, Associate VP of HR, Legal and Compliance, or
Vice President for Finance and Administration, or
Provost and Vice President for Academic Affairs

2043 College Way
Forest Grove, OR 97116

Tuesday, Feb. 25, 2020

Notice of Privacy Practices

POL-COM4801

Pacific University is committed to preserving the privacy of your health information. We are required by law to keep your health information private and provide you with this Notice of Privacy Practices. We are also required to provide you with this Notice describing our legal duties and our practices concerning your health information. We reserve the right to change this Notice and to make the revised or changed Notice effective for health information we already have about you, as well as any information we receive in the future. We will have a copy of the current Notice with an effective date in clinical locations and any changes made to the Notice will be posted in the Patient Registration area, posted on our website and given to you at your next appointment. Pacific University is required to notify you if your protected health information is breached.

Notice of Privacy Practices — English

Notificación de Prácticas de Privacidad — Spanish

Request to Inspect or Copy Protected Health Information Form


For Clinic Use: 

Notice of Privacy Practices Acknowledgement - English

Notice of Privacy Practices Acknowledgement - Spanish

Notice of Privacy Practices Handout - English

Notice of Privacy Practices Handout - Spanish

 

Monday, March 1, 2021

Office Space and Furnishings

POL - U1028

The assigning of office space and furnishings for academic personnel is a function of the dean of the appropriate college or school in consultation with the Vice President for Finance and Administration.

Office space and furnishings for non-academic administrators and staff are assigned by the appropriate department head in consultation with the Vice President for Finance and administration.

Friday, June 1, 2018

Online Storage of Administrative Work Files

POL - UIS4519

Work files should be stored in places with appropriate controls that provide for business continuity.  When faculty and staff members store work files in areas not managed by their departments, there is a significant risk of the disruption of operations if the files become inaccessible because the employee is unavailable due to leave or ceases to be employed at the university.  UIS does not have a quick, efficient, or guaranteed way to retrieve files stored in non-managed areas and services, and any retrieval of files owned by an employee requires an exception to the employee privacy policy section of the Appropriate Use for Information Technology Policy.  Thus, this document establishes that supervisors have a right, and often a duty, to ask employees under their supervision to organize work files so that the supervisors have access to them, and that employees are expected to do so when asked.  Exceptions are provided for most types of academic files and personal copies of personal copies of performance evaluations.

Training opportunities will be provided leading up to the October 1, 2024 adherence date when enforcement of this policy will occur.
View the Knowledge Base article on this topic with helpful tips and instructions. 

Monday, July 15, 2024

Outside Scholarship Notice

It is important for the Financial Aid Office to know about any outside resources and/or scholarships you are receiving. 

Pacific University Faculty and Governance Handbook

Various editions of a Pacific University Faculty and Governance Handbook have appeared since the early 1940s. The University Faculty and Governance Handbook is intended as a guide for all Pacific University employees to the current faculty and governance practices and procedures of the university. The University Faculty and Governance Handbook is accessible to all employees and students through the university's web site.

Pacific University Password Policy | UIS

POL-UIS4501

The purpose of this policy is to establish a standard for creation of strong passwords, the protection of those passwords, and the frequency of change.

Passwords are an important aspect of computer security. A poorly chosen password may result in the compromise of Pacific University's entire university network.

Tuesday, Jan. 29, 2019

Pages