Gathering Sensitive Information (Social Security numbers, student numbers, credit cards, etc)
University policy prohibits using non-secure forms to collect sensitive information, such as social security numbers, student numbers, or credit card numbers. Forms requesting this type of information need to be stored on a secure server, and data may not be sent via e-mail or stored in a .csv file on a secure server. The Data Access Team can provide assistance in setting up forms requiring sensitive data.
In addition, UNI Web Policy mandates any transactions that require secure communications (such as in the use of social security, pin, or credit card numbers over the internet), must receive the approval of the office of the Associate VP for ITS that the transmission, storage, and use of such data meets standards for security and privacy, such as using Secure Socket Layer (SSL).