Statement of Understanding
I understand that I will be given access to information contained in the University Enterprise Directory and that this information will solely be used for the approved application and that only the population and fields approved will be utilized. I understand I am solely responsible for my use of this information, including its disclosure to others. I therefore agree not to re-disclose or provide access to this information except as authorized by my job duties and in compliance with federal and state laws and University policy. Neither curiosity nor personal relationships provide a basis for any breach of confidentiality.
Additionally, by signing the Acceptable Use of Data Guidelines and Memorandum of Understanding for Access to the University Enterprise Directory form I acknowledge the following:
- I agree to keep all information in a manner that is appropriate to its content and to keep any personally identifiable information confidential, kept out of public view, and stored in a secure location/form, whether it is in paper copy, contained in software, visible on screen displays, in computer readable, or any other form.
- I will take steps to maintain the security, confidentiality, and integrity of ALL information accessible by me whether or not the particular population has been approved or not .
- I may have access to more information than has been approved. Usage is limited to a specific population (objects) and defined fields within that population. My application must select fields by name and limit the data set to only those attributes permitted in the specific approval.
- Access will be reviewed and renewed once per year. Failure to respond within 30 days of the request will result in revocation of access.
- Changes to the contact person for this access must be communicated to the Directory Administrator (firstname.lastname@example.org) and the new contact must complete this Memorandum of Understanding
- UMD's Enterprise Directory contains information about Faculty, Staff, Affiliates and Students. I understand that all personally identifiable information contained in all student education records*, including information available through academic computer systems, is confidential and prohibited from disclosure except as permitted by the Federal Family Educational Rights and Privacy Act (FERPA), commonly known as the Buckley Amendment, and by the University's Policy on Confidentiality and Disclosure of Student Records (the Policy). I have had the opportunity to have my questions regarding FERPA, the Policy, and my access to and use of student data answered. And I have completed the UMD FERPA Tutorial.* Student education records are defined as any University record that contains information directly related to a student, with the exception of records made by faculty and staff for their own use and not shown to others, campus police law enforcement records, medical/psychological treatment records, some employment records, and records created after a student has ceased to enroll.
In particular, I acknowledge that under FERPA and the Policy:
- Release of student data within the University. Personally identifiable information contained in any student education record made available through these systems may only be used within the University for academic advising or to support other authorized internal University administrative functions. All requests for verification of student records or for other student data from University units with no academic advising responsibilities, and therefore no direct access to the Student Information System or ADVISE, must be referred to the Office of the Registrar for approval.
- Release of student data outside of the University. All requests for personally identifiable information contained in student education records from individuals or agencies outside the University must be referred to the Office of the Registrar. All personally identifiable information is considered highly confidential and shall be released outside of the University only with the written consent of the student or in compliance with the Policy. In addition, a student may refuse to allow the University to disclose even designated directory information outside of the University.
- The official record of these refusals is maintained in the Office of the Registrar.
- Release of student data for research purposes. The academic computer systems are not designed to support research and may not be used as a database for internal University or external research projects. Such data must be obtained from the Office of the Registrar or from the Office of Institutional Research, Planning and Assessment, as appropriate.
- I have read the University of Maryland Policy for the Acceptable Use of Computing Resources available at http://www.umd.edu/aup. I have had the opportunity to have my questions regarding this Policy answered, or my access to and use of the Information answered.
- I understand providing Information for unauthorized uses or otherwise violating University confidentiality policies relating to the information may result in disciplinary action, including my dismissal and prosecution under applicable federal or state laws. If I am a student employee, I understand that misuse also may result in a referral to the Student Judicial Board. For approved data downloads, the source system is the official system of record and any redistribution of that data is prohibited. Failure to comply with the terms specified in this Memorandum of Understanding will result in REVOKING the access and may result in disciplinary action, including my dismissal and prosecution under applicable federal and state laws.
I verify I have read and understand the information provided above, and agree to comply with its contents. I have read and understand the information provided in this document and the Enterprise Directory Policies https://itsupport.umd.edu/itsupport?id=kb_article_view&sysparm_article=KB0012271.