(1)

lawyer at desk

Ask a legal question, get an answer ASAP!
Click here to chat with a lawyer about your rights.

Terms Used In Utah Code 53B-28-503

  • Board: means the Utah Board of Higher Education described in Section 53B-1-402. See Utah Code 53B-1-101.5
  • Data governance plan: means an education entity's comprehensive plan for managing education data that:
         (4)(a) incorporates reasonable data industry best practices to maintain and protect student data and other education-related data;
         (4)(b) describes the role, responsibility, and authority of the board or an institution privacy officer;
         (4)(c) provides for necessary technical assistance, training, support, and auditing;
         (4)(d) describes the process for sharing student data between the education entity and another person;
         (4)(e) describes the education entity's data expungement process, including how to respond to requests for expungement;
         (4)(f) describes the data breach response process; and
         (4)(g) is published annually and available on the institution's website or the Utah System of Higher Education's website. See Utah Code 53B-28-501
  • Higher education privacy officer: means a privacy officer that the board designates under Section 53B-28-503. See Utah Code 53B-28-501
  • Institution: means an institution of higher education described in Section 53B-1-102. See Utah Code 53B-28-501
  • State privacy officer: means the state privacy officer described in Section 67-3-13. See Utah Code 53B-28-501
  • Student: means an individual enrolled in an institution. See Utah Code 53B-28-501
  • Student data: means information about a student at the individual student level. See Utah Code 53B-28-501
     (1)(a) An institution shall adopt policies to protect student data in accordance with this part and board rule, including the standards the board establishes under Subsection 53B-28-502(5).
     (1)(b) The policies described in Subsection (1)(a) shall take into account the specific needs and priorities of the institution.
(2) The board shall designate a higher education privacy officer.
(3) The higher education privacy officer shall:

     (3)(a) verify compliance with student privacy laws, rules, and policies throughout the Utah System of Higher Education;
     (3)(b) support institutions in developing data governance plans and student data privacy training; and
     (3)(c) act as the primary point of contact for the state privacy officer.
(4) An institution shall:

     (4)(a) designate an individual to act as the primary contact for the higher education privacy officer;
     (4)(b) create and maintain an institution:

          (4)(b)(i) data governance plan that complies with the standards the board establishes under Subsection 53B-28-502(5); and
          (4)(b)(ii) record of student data privacy training; and
     (4)(c) annually publish the institution’s data governance plan on the institution’s website.
  Previous section
Next section  
 Part 5 Contents